@azure/msal-browser 4.24.0 → 4.25.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/app/IPublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientNext.mjs +1 -1
- package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
- package/dist/cache/AccountManager.mjs +1 -1
- package/dist/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/cache/BrowserCacheManager.mjs +1 -1
- package/dist/cache/CacheHelpers.mjs +1 -1
- package/dist/cache/CacheKeys.mjs +1 -1
- package/dist/cache/CookieStorage.mjs +1 -1
- package/dist/cache/DatabaseStorage.mjs +1 -1
- package/dist/cache/EncryptedData.mjs +1 -1
- package/dist/cache/LocalStorage.mjs +1 -1
- package/dist/cache/MemoryStorage.mjs +1 -1
- package/dist/cache/SessionStorage.mjs +1 -1
- package/dist/cache/TokenCache.mjs +1 -1
- package/dist/config/Configuration.mjs +1 -1
- package/dist/controllers/ControllerFactory.mjs +1 -1
- package/dist/controllers/NestedAppAuthController.mjs +1 -1
- package/dist/controllers/StandardController.d.ts.map +1 -1
- package/dist/controllers/StandardController.mjs +2 -1
- package/dist/controllers/StandardController.mjs.map +1 -1
- package/dist/controllers/UnknownOperatingContextController.mjs +1 -1
- package/dist/crypto/BrowserCrypto.mjs +1 -1
- package/dist/crypto/CryptoOps.mjs +1 -1
- package/dist/crypto/PkceGenerator.mjs +1 -1
- package/dist/crypto/SignedHttpRequest.mjs +1 -1
- package/dist/custom-auth-path/app/PublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
- package/dist/custom-auth-path/cache/AccountManager.mjs +1 -1
- package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/BrowserCacheManager.mjs +1 -1
- package/dist/custom-auth-path/cache/CacheHelpers.mjs +1 -1
- package/dist/custom-auth-path/cache/CacheKeys.mjs +1 -1
- package/dist/custom-auth-path/cache/CookieStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/DatabaseStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/EncryptedData.mjs +1 -1
- package/dist/custom-auth-path/cache/LocalStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/MemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/SessionStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/TokenCache.mjs +1 -1
- package/dist/custom-auth-path/config/Configuration.mjs +1 -1
- package/dist/custom-auth-path/controllers/ControllerFactory.mjs +1 -1
- package/dist/custom-auth-path/controllers/StandardController.d.ts.map +1 -1
- package/dist/custom-auth-path/controllers/StandardController.mjs +2 -1
- package/dist/custom-auth-path/controllers/StandardController.mjs.map +1 -1
- package/dist/custom-auth-path/crypto/BrowserCrypto.mjs +1 -1
- package/dist/custom-auth-path/crypto/CryptoOps.mjs +1 -1
- package/dist/custom-auth-path/crypto/PkceGenerator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.d.ts +1 -0
- package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs +25 -2
- package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +6 -6
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/error_type/MfaError.d.ts +5 -0
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/error_type/MfaError.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs +42 -0
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs.map +1 -0
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs +45 -0
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs.map +1 -0
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs +45 -0
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs.map +1 -0
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs +16 -0
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs.map +1 -0
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs +16 -0
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs.map +1 -0
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaState.mjs +125 -0
- package/dist/custom-auth-path/custom_auth/core/auth_flow/mfa/state/MfaState.mjs.map +1 -0
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnexpectedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/JitClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/MfaClient.mjs +85 -0
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/MfaClient.mjs.map +1 -0
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/result/MfaActionResult.mjs +24 -0
- package/dist/custom-auth-path/custom_auth/core/interaction_client/mfa/result/MfaActionResult.mjs.map +1 -0
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +2 -2
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.d.ts +1 -0
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +4 -3
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.d.ts +1 -0
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +4 -3
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs +6 -3
- package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/UrlUtils.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +15 -13
- package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/index.d.ts +7 -0
- package/dist/custom-auth-path/custom_auth/index.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/index.mjs +7 -1
- package/dist/custom-auth-path/custom_auth/index.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +3 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +2 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordStateParameters.d.ts +2 -0
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordStateParameters.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.d.ts +10 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +9 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.d.ts +19 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +17 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.d.ts +10 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +9 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +6 -13
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +5 -33
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +5 -30
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.d.ts +16 -0
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs +68 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInStateParameters.d.ts +2 -0
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInStateParameters.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +2 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +5 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +3 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpStateParameters.d.ts +2 -0
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpStateParameters.d.ts.map +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Decode.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Encode.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthError.d.ts.map +1 -1
- package/dist/custom-auth-path/error/NativeAuthError.mjs +3 -2
- package/dist/custom-auth-path/error/NativeAuthError.mjs.map +1 -1
- package/dist/custom-auth-path/error/NativeAuthErrorCodes.d.ts +1 -0
- package/dist/custom-auth-path/error/NativeAuthErrorCodes.d.ts.map +1 -1
- package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs +3 -2
- package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs.map +1 -1
- package/dist/custom-auth-path/event/EventHandler.mjs +1 -1
- package/dist/custom-auth-path/event/EventType.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs +2 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/PopupClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/RedirectClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs +1 -1
- package/dist/custom-auth-path/navigation/NavigationClient.mjs +1 -1
- package/dist/custom-auth-path/network/FetchClient.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/packageMetadata.d.ts +1 -1
- package/dist/custom-auth-path/packageMetadata.mjs +2 -2
- package/dist/custom-auth-path/protocol/Authorize.mjs +1 -1
- package/dist/custom-auth-path/request/RequestHelpers.mjs +1 -1
- package/dist/custom-auth-path/response/ResponseHandler.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserConstants.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserUtils.mjs +1 -1
- package/dist/custom-auth-path/utils/Helpers.mjs +1 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs +1 -1
- package/dist/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/custom_auth/controller/CustomAuthStandardController.d.ts +1 -0
- package/dist/custom_auth/controller/CustomAuthStandardController.d.ts.map +1 -1
- package/dist/custom_auth/core/auth_flow/AuthFlowErrorBase.d.ts.map +1 -1
- package/dist/custom_auth/core/auth_flow/mfa/error_type/MfaError.d.ts +5 -0
- package/dist/custom_auth/core/auth_flow/mfa/error_type/MfaError.d.ts.map +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.d.ts.map +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.d.ts +1 -0
- package/dist/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.d.ts.map +1 -1
- package/dist/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.d.ts +1 -0
- package/dist/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.d.ts.map +1 -1
- package/dist/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.d.ts.map +1 -1
- package/dist/custom_auth/index.d.ts +7 -0
- package/dist/custom_auth/index.d.ts.map +1 -1
- package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.d.ts.map +1 -1
- package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.d.ts.map +1 -1
- package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordStateParameters.d.ts +2 -0
- package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordStateParameters.d.ts.map +1 -1
- package/dist/custom_auth/sign_in/auth_flow/result/SignInResult.d.ts +10 -1
- package/dist/custom_auth/sign_in/auth_flow/result/SignInResult.d.ts.map +1 -1
- package/dist/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.d.ts +19 -1
- package/dist/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.d.ts.map +1 -1
- package/dist/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.d.ts +10 -1
- package/dist/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.d.ts.map +1 -1
- package/dist/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.d.ts.map +1 -1
- package/dist/custom_auth/sign_in/auth_flow/state/SignInContinuationState.d.ts.map +1 -1
- package/dist/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.d.ts.map +1 -1
- package/dist/custom_auth/sign_in/auth_flow/state/SignInState.d.ts +16 -0
- package/dist/custom_auth/sign_in/auth_flow/state/SignInState.d.ts.map +1 -1
- package/dist/custom_auth/sign_in/auth_flow/state/SignInStateParameters.d.ts +2 -0
- package/dist/custom_auth/sign_in/auth_flow/state/SignInStateParameters.d.ts.map +1 -1
- package/dist/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.d.ts.map +1 -1
- package/dist/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.d.ts.map +1 -1
- package/dist/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.d.ts.map +1 -1
- package/dist/custom_auth/sign_up/auth_flow/state/SignUpStateParameters.d.ts +2 -0
- package/dist/custom_auth/sign_up/auth_flow/state/SignUpStateParameters.d.ts.map +1 -1
- package/dist/encode/Base64Decode.mjs +1 -1
- package/dist/encode/Base64Encode.mjs +1 -1
- package/dist/error/BrowserAuthError.mjs +1 -1
- package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/error/NativeAuthError.d.ts.map +1 -1
- package/dist/error/NativeAuthError.mjs +3 -2
- package/dist/error/NativeAuthError.mjs.map +1 -1
- package/dist/error/NativeAuthErrorCodes.d.ts +1 -0
- package/dist/error/NativeAuthErrorCodes.d.ts.map +1 -1
- package/dist/error/NativeAuthErrorCodes.mjs +3 -2
- package/dist/error/NativeAuthErrorCodes.mjs.map +1 -1
- package/dist/error/NestedAppAuthError.mjs +1 -1
- package/dist/event/EventHandler.mjs +1 -1
- package/dist/event/EventMessage.mjs +1 -1
- package/dist/event/EventType.mjs +1 -1
- package/dist/index.mjs +1 -1
- package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs +2 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
- package/dist/interaction_client/PopupClient.mjs +1 -1
- package/dist/interaction_client/RedirectClient.mjs +1 -1
- package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/interaction_client/SilentIframeClient.mjs +1 -1
- package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/interaction_client/StandardInteractionClient.mjs +1 -1
- package/dist/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/interaction_handler/SilentHandler.mjs +1 -1
- package/dist/naa/BridgeError.mjs +1 -1
- package/dist/naa/BridgeProxy.mjs +1 -1
- package/dist/naa/BridgeStatusCode.mjs +1 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
- package/dist/navigation/NavigationClient.mjs +1 -1
- package/dist/network/FetchClient.mjs +1 -1
- package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
- package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/operatingcontext/UnknownOperatingContext.mjs +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/protocol/Authorize.mjs +1 -1
- package/dist/request/RequestHelpers.mjs +1 -1
- package/dist/response/ResponseHandler.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
- package/dist/utils/BrowserConstants.mjs +1 -1
- package/dist/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/utils/BrowserUtils.mjs +1 -1
- package/dist/utils/Helpers.mjs +1 -1
- package/dist/utils/MsalFrameStatsUtils.mjs +1 -1
- package/lib/custom-auth-path/msal-custom-auth.cjs +894 -468
- package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
- package/lib/custom-auth-path/types/controllers/StandardController.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/custom-auth-path/types/custom_auth/controller/CustomAuthStandardController.d.ts +1 -0
- package/lib/custom-auth-path/types/custom_auth/controller/CustomAuthStandardController.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/core/auth_flow/AuthFlowErrorBase.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/core/auth_flow/mfa/error_type/MfaError.d.ts +5 -0
- package/lib/custom-auth-path/types/custom_auth/core/auth_flow/mfa/error_type/MfaError.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.d.ts +1 -0
- package/lib/custom-auth-path/types/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.d.ts +1 -0
- package/lib/custom-auth-path/types/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/index.d.ts +7 -0
- package/lib/custom-auth-path/types/custom_auth/index.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/reset_password/auth_flow/state/ResetPasswordStateParameters.d.ts +2 -0
- package/lib/custom-auth-path/types/custom_auth/reset_password/auth_flow/state/ResetPasswordStateParameters.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/sign_in/auth_flow/result/SignInResult.d.ts +10 -1
- package/lib/custom-auth-path/types/custom_auth/sign_in/auth_flow/result/SignInResult.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.d.ts +19 -1
- package/lib/custom-auth-path/types/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.d.ts +10 -1
- package/lib/custom-auth-path/types/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/sign_in/auth_flow/state/SignInContinuationState.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/sign_in/auth_flow/state/SignInState.d.ts +16 -0
- package/lib/custom-auth-path/types/custom_auth/sign_in/auth_flow/state/SignInState.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/sign_in/auth_flow/state/SignInStateParameters.d.ts +2 -0
- package/lib/custom-auth-path/types/custom_auth/sign_in/auth_flow/state/SignInStateParameters.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/sign_up/auth_flow/state/SignUpStateParameters.d.ts +2 -0
- package/lib/custom-auth-path/types/custom_auth/sign_up/auth_flow/state/SignUpStateParameters.d.ts.map +1 -1
- package/lib/custom-auth-path/types/error/NativeAuthError.d.ts.map +1 -1
- package/lib/custom-auth-path/types/error/NativeAuthErrorCodes.d.ts +1 -0
- package/lib/custom-auth-path/types/error/NativeAuthErrorCodes.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/packageMetadata.d.ts +1 -1
- package/lib/msal-browser.cjs +70 -66
- package/lib/msal-browser.cjs.map +1 -1
- package/lib/msal-browser.js +70 -66
- package/lib/msal-browser.js.map +1 -1
- package/lib/msal-browser.min.js +60 -60
- package/lib/types/controllers/StandardController.d.ts.map +1 -1
- package/lib/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/types/custom_auth/controller/CustomAuthStandardController.d.ts +1 -0
- package/lib/types/custom_auth/controller/CustomAuthStandardController.d.ts.map +1 -1
- package/lib/types/custom_auth/core/auth_flow/AuthFlowErrorBase.d.ts.map +1 -1
- package/lib/types/custom_auth/core/auth_flow/mfa/error_type/MfaError.d.ts +5 -0
- package/lib/types/custom_auth/core/auth_flow/mfa/error_type/MfaError.d.ts.map +1 -1
- package/lib/types/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.d.ts.map +1 -1
- package/lib/types/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.d.ts +1 -0
- package/lib/types/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.d.ts.map +1 -1
- package/lib/types/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.d.ts +1 -0
- package/lib/types/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.d.ts.map +1 -1
- package/lib/types/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.d.ts.map +1 -1
- package/lib/types/custom_auth/index.d.ts +7 -0
- package/lib/types/custom_auth/index.d.ts.map +1 -1
- package/lib/types/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.d.ts.map +1 -1
- package/lib/types/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.d.ts.map +1 -1
- package/lib/types/custom_auth/reset_password/auth_flow/state/ResetPasswordStateParameters.d.ts +2 -0
- package/lib/types/custom_auth/reset_password/auth_flow/state/ResetPasswordStateParameters.d.ts.map +1 -1
- package/lib/types/custom_auth/sign_in/auth_flow/result/SignInResult.d.ts +10 -1
- package/lib/types/custom_auth/sign_in/auth_flow/result/SignInResult.d.ts.map +1 -1
- package/lib/types/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.d.ts +19 -1
- package/lib/types/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.d.ts.map +1 -1
- package/lib/types/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.d.ts +10 -1
- package/lib/types/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.d.ts.map +1 -1
- package/lib/types/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.d.ts.map +1 -1
- package/lib/types/custom_auth/sign_in/auth_flow/state/SignInContinuationState.d.ts.map +1 -1
- package/lib/types/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.d.ts.map +1 -1
- package/lib/types/custom_auth/sign_in/auth_flow/state/SignInState.d.ts +16 -0
- package/lib/types/custom_auth/sign_in/auth_flow/state/SignInState.d.ts.map +1 -1
- package/lib/types/custom_auth/sign_in/auth_flow/state/SignInStateParameters.d.ts +2 -0
- package/lib/types/custom_auth/sign_in/auth_flow/state/SignInStateParameters.d.ts.map +1 -1
- package/lib/types/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.d.ts.map +1 -1
- package/lib/types/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.d.ts.map +1 -1
- package/lib/types/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.d.ts.map +1 -1
- package/lib/types/custom_auth/sign_up/auth_flow/state/SignUpStateParameters.d.ts +2 -0
- package/lib/types/custom_auth/sign_up/auth_flow/state/SignUpStateParameters.d.ts.map +1 -1
- package/lib/types/error/NativeAuthError.d.ts.map +1 -1
- package/lib/types/error/NativeAuthErrorCodes.d.ts +1 -0
- package/lib/types/error/NativeAuthErrorCodes.d.ts.map +1 -1
- package/lib/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/lib/types/packageMetadata.d.ts +1 -1
- package/package.json +1 -1
- package/src/controllers/StandardController.ts +1 -0
- package/src/custom_auth/controller/CustomAuthStandardController.ts +33 -0
- package/src/custom_auth/core/auth_flow/AuthFlowErrorBase.ts +3 -5
- package/src/custom_auth/core/auth_flow/mfa/error_type/MfaError.ts +8 -0
- package/src/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.ts +2 -1
- package/src/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.ts +1 -0
- package/src/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.ts +1 -0
- package/src/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.ts +17 -15
- package/src/custom_auth/index.ts +22 -0
- package/src/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.ts +2 -0
- package/src/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.ts +1 -0
- package/src/custom_auth/reset_password/auth_flow/state/ResetPasswordStateParameters.ts +2 -0
- package/src/custom_auth/sign_in/auth_flow/result/SignInResult.ts +12 -1
- package/src/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.ts +27 -1
- package/src/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.ts +14 -1
- package/src/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.ts +12 -22
- package/src/custom_auth/sign_in/auth_flow/state/SignInContinuationState.ts +8 -50
- package/src/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.ts +12 -49
- package/src/custom_auth/sign_in/auth_flow/state/SignInState.ts +108 -0
- package/src/custom_auth/sign_in/auth_flow/state/SignInStateParameters.ts +2 -0
- package/src/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.ts +1 -0
- package/src/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.ts +4 -0
- package/src/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.ts +2 -0
- package/src/custom_auth/sign_up/auth_flow/state/SignUpStateParameters.ts +2 -0
- package/src/error/NativeAuthError.ts +1 -0
- package/src/error/NativeAuthErrorCodes.ts +1 -0
- package/src/interaction_client/PlatformAuthInteractionClient.ts +1 -0
- package/src/packageMetadata.ts +1 -1
|
@@ -1,8 +1,8 @@
|
|
|
1
|
-
/*! @azure/msal-browser v4.
|
|
1
|
+
/*! @azure/msal-browser v4.25.0 2025-10-09 */
|
|
2
2
|
'use strict';
|
|
3
3
|
'use strict';
|
|
4
4
|
|
|
5
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
5
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
6
6
|
/*
|
|
7
7
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
8
8
|
* Licensed under the MIT License.
|
|
@@ -276,7 +276,7 @@ const JsonWebTokenTypes = {
|
|
|
276
276
|
// Token renewal offset default in seconds
|
|
277
277
|
const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
|
|
278
278
|
|
|
279
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
279
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
280
280
|
/*
|
|
281
281
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
282
282
|
* Licensed under the MIT License.
|
|
@@ -287,7 +287,7 @@ const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
|
|
|
287
287
|
const unexpectedError = "unexpected_error";
|
|
288
288
|
const postRequestFailed$1 = "post_request_failed";
|
|
289
289
|
|
|
290
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
290
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
291
291
|
|
|
292
292
|
/*
|
|
293
293
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -322,7 +322,7 @@ function createAuthError(code, additionalMessage) {
|
|
|
322
322
|
: AuthErrorMessages[code]);
|
|
323
323
|
}
|
|
324
324
|
|
|
325
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
325
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
326
326
|
/*
|
|
327
327
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
328
328
|
* Licensed under the MIT License.
|
|
@@ -372,7 +372,7 @@ const missingTenantIdError = "missing_tenant_id_error";
|
|
|
372
372
|
const methodNotImplemented = "method_not_implemented";
|
|
373
373
|
const nestedAppAuthBridgeDisabled = "nested_app_auth_bridge_disabled";
|
|
374
374
|
|
|
375
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
375
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
376
376
|
|
|
377
377
|
/*
|
|
378
378
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -446,7 +446,7 @@ function createClientAuthError(errorCode, additionalMessage) {
|
|
|
446
446
|
return new ClientAuthError(errorCode, additionalMessage);
|
|
447
447
|
}
|
|
448
448
|
|
|
449
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
449
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
450
450
|
|
|
451
451
|
/*
|
|
452
452
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -485,7 +485,7 @@ const DEFAULT_CRYPTO_IMPLEMENTATION = {
|
|
|
485
485
|
},
|
|
486
486
|
};
|
|
487
487
|
|
|
488
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
488
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
489
489
|
|
|
490
490
|
/*
|
|
491
491
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -676,12 +676,12 @@ class Logger {
|
|
|
676
676
|
}
|
|
677
677
|
}
|
|
678
678
|
|
|
679
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
679
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
680
680
|
/* eslint-disable header/header */
|
|
681
681
|
const name$1 = "@azure/msal-common";
|
|
682
682
|
const version$1 = "15.13.0";
|
|
683
683
|
|
|
684
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
684
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
685
685
|
/*
|
|
686
686
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
687
687
|
* Licensed under the MIT License.
|
|
@@ -690,7 +690,7 @@ const AzureCloudInstance = {
|
|
|
690
690
|
// AzureCloudInstance is not specified.
|
|
691
691
|
None: "none"};
|
|
692
692
|
|
|
693
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
693
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
694
694
|
/*
|
|
695
695
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
696
696
|
* Licensed under the MIT License.
|
|
@@ -719,7 +719,7 @@ const authorityMismatch = "authority_mismatch";
|
|
|
719
719
|
const invalidRequestMethodForEAR = "invalid_request_method_for_EAR";
|
|
720
720
|
const invalidAuthorizePostBodyParameters = "invalid_authorize_post_body_parameters";
|
|
721
721
|
|
|
722
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
722
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
723
723
|
|
|
724
724
|
/*
|
|
725
725
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -764,7 +764,7 @@ function createClientConfigurationError(errorCode) {
|
|
|
764
764
|
return new ClientConfigurationError(errorCode);
|
|
765
765
|
}
|
|
766
766
|
|
|
767
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
767
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
768
768
|
/*
|
|
769
769
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
770
770
|
* Licensed under the MIT License.
|
|
@@ -861,7 +861,7 @@ class StringUtils {
|
|
|
861
861
|
}
|
|
862
862
|
}
|
|
863
863
|
|
|
864
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
864
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
865
865
|
|
|
866
866
|
/*
|
|
867
867
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1056,7 +1056,7 @@ class ScopeSet {
|
|
|
1056
1056
|
}
|
|
1057
1057
|
}
|
|
1058
1058
|
|
|
1059
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
1059
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
1060
1060
|
/*
|
|
1061
1061
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1062
1062
|
* Licensed under the MIT License.
|
|
@@ -1138,7 +1138,7 @@ function updateAccountTenantProfileData(baseAccountInfo, tenantProfile, idTokenC
|
|
|
1138
1138
|
return updatedAccountInfo;
|
|
1139
1139
|
}
|
|
1140
1140
|
|
|
1141
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
1141
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
1142
1142
|
|
|
1143
1143
|
/*
|
|
1144
1144
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1199,7 +1199,7 @@ function checkMaxAge(authTime, maxAge) {
|
|
|
1199
1199
|
}
|
|
1200
1200
|
}
|
|
1201
1201
|
|
|
1202
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
1202
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
1203
1203
|
|
|
1204
1204
|
/*
|
|
1205
1205
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1315,7 +1315,7 @@ function normalizeUrlForComparison(url) {
|
|
|
1315
1315
|
}
|
|
1316
1316
|
}
|
|
1317
1317
|
|
|
1318
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
1318
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
1319
1319
|
|
|
1320
1320
|
/*
|
|
1321
1321
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1479,7 +1479,7 @@ class UrlString {
|
|
|
1479
1479
|
}
|
|
1480
1480
|
}
|
|
1481
1481
|
|
|
1482
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
1482
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
1483
1483
|
|
|
1484
1484
|
/*
|
|
1485
1485
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1618,7 +1618,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
|
|
|
1618
1618
|
return null;
|
|
1619
1619
|
}
|
|
1620
1620
|
|
|
1621
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
1621
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
1622
1622
|
/*
|
|
1623
1623
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1624
1624
|
* Licensed under the MIT License.
|
|
@@ -1626,7 +1626,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
|
|
|
1626
1626
|
const cacheQuotaExceeded = "cache_quota_exceeded";
|
|
1627
1627
|
const cacheErrorUnknown = "cache_error_unknown";
|
|
1628
1628
|
|
|
1629
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
1629
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
1630
1630
|
|
|
1631
1631
|
/*
|
|
1632
1632
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1671,7 +1671,7 @@ function createCacheError(e) {
|
|
|
1671
1671
|
}
|
|
1672
1672
|
}
|
|
1673
1673
|
|
|
1674
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
1674
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
1675
1675
|
|
|
1676
1676
|
/*
|
|
1677
1677
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2779,7 +2779,7 @@ class DefaultStorageClass extends CacheManager {
|
|
|
2779
2779
|
}
|
|
2780
2780
|
}
|
|
2781
2781
|
|
|
2782
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
2782
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
2783
2783
|
/*
|
|
2784
2784
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2785
2785
|
* Licensed under the MIT License.
|
|
@@ -2803,7 +2803,7 @@ const ProtocolMode = {
|
|
|
2803
2803
|
EAR: "EAR",
|
|
2804
2804
|
};
|
|
2805
2805
|
|
|
2806
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
2806
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
2807
2807
|
/*
|
|
2808
2808
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2809
2809
|
* Licensed under the MIT License.
|
|
@@ -3070,7 +3070,7 @@ const PerformanceEvents = {
|
|
|
3070
3070
|
const PerformanceEventStatus = {
|
|
3071
3071
|
InProgress: 1};
|
|
3072
3072
|
|
|
3073
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
3073
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
3074
3074
|
|
|
3075
3075
|
/*
|
|
3076
3076
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3149,7 +3149,7 @@ class StubPerformanceClient {
|
|
|
3149
3149
|
}
|
|
3150
3150
|
}
|
|
3151
3151
|
|
|
3152
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
3152
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
3153
3153
|
|
|
3154
3154
|
/*
|
|
3155
3155
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3249,7 +3249,7 @@ function isOidcProtocolMode(config) {
|
|
|
3249
3249
|
return (config.authOptions.authority.options.protocolMode === ProtocolMode.OIDC);
|
|
3250
3250
|
}
|
|
3251
3251
|
|
|
3252
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
3252
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
3253
3253
|
/*
|
|
3254
3254
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3255
3255
|
* Licensed under the MIT License.
|
|
@@ -3259,7 +3259,7 @@ const CcsCredentialType = {
|
|
|
3259
3259
|
UPN: "UPN",
|
|
3260
3260
|
};
|
|
3261
3261
|
|
|
3262
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
3262
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
3263
3263
|
|
|
3264
3264
|
/*
|
|
3265
3265
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3299,7 +3299,7 @@ function buildClientInfoFromHomeAccountId(homeAccountId) {
|
|
|
3299
3299
|
};
|
|
3300
3300
|
}
|
|
3301
3301
|
|
|
3302
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
3302
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
3303
3303
|
/*
|
|
3304
3304
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3305
3305
|
* Licensed under the MIT License.
|
|
@@ -3349,7 +3349,7 @@ const INSTANCE_AWARE = "instance_aware";
|
|
|
3349
3349
|
const EAR_JWK = "ear_jwk";
|
|
3350
3350
|
const EAR_JWE_CRYPTO = "ear_jwe_crypto";
|
|
3351
3351
|
|
|
3352
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
3352
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
3353
3353
|
|
|
3354
3354
|
/*
|
|
3355
3355
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3729,7 +3729,7 @@ function addPostBodyParameters(parameters, bodyParameters) {
|
|
|
3729
3729
|
});
|
|
3730
3730
|
}
|
|
3731
3731
|
|
|
3732
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
3732
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
3733
3733
|
/*
|
|
3734
3734
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3735
3735
|
* Licensed under the MIT License.
|
|
@@ -3744,7 +3744,7 @@ const AuthorityType = {
|
|
|
3744
3744
|
Ciam: 3,
|
|
3745
3745
|
};
|
|
3746
3746
|
|
|
3747
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
3747
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
3748
3748
|
/*
|
|
3749
3749
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3750
3750
|
* Licensed under the MIT License.
|
|
@@ -3756,7 +3756,7 @@ function isOpenIdConfigResponse(response) {
|
|
|
3756
3756
|
response.hasOwnProperty("jwks_uri"));
|
|
3757
3757
|
}
|
|
3758
3758
|
|
|
3759
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
3759
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
3760
3760
|
/*
|
|
3761
3761
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3762
3762
|
* Licensed under the MIT License.
|
|
@@ -3766,7 +3766,7 @@ function isCloudInstanceDiscoveryResponse(response) {
|
|
|
3766
3766
|
response.hasOwnProperty("metadata"));
|
|
3767
3767
|
}
|
|
3768
3768
|
|
|
3769
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
3769
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
3770
3770
|
/*
|
|
3771
3771
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3772
3772
|
* Licensed under the MIT License.
|
|
@@ -3776,7 +3776,7 @@ function isCloudInstanceDiscoveryErrorResponse(response) {
|
|
|
3776
3776
|
response.hasOwnProperty("error_description"));
|
|
3777
3777
|
}
|
|
3778
3778
|
|
|
3779
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
3779
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
3780
3780
|
/*
|
|
3781
3781
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3782
3782
|
* Licensed under the MIT License.
|
|
@@ -3872,7 +3872,7 @@ const invokeAsync = (callback, eventName, logger, telemetryClient, correlationId
|
|
|
3872
3872
|
};
|
|
3873
3873
|
};
|
|
3874
3874
|
|
|
3875
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
3875
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
3876
3876
|
|
|
3877
3877
|
/*
|
|
3878
3878
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3978,7 +3978,7 @@ RegionDiscovery.IMDS_OPTIONS = {
|
|
|
3978
3978
|
},
|
|
3979
3979
|
};
|
|
3980
3980
|
|
|
3981
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
3981
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
3982
3982
|
/*
|
|
3983
3983
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3984
3984
|
* Licensed under the MIT License.
|
|
@@ -4043,7 +4043,7 @@ function wasClockTurnedBack(cachedAt) {
|
|
|
4043
4043
|
return cachedAtSec > nowSeconds();
|
|
4044
4044
|
}
|
|
4045
4045
|
|
|
4046
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
4046
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
4047
4047
|
|
|
4048
4048
|
/*
|
|
4049
4049
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4305,7 +4305,7 @@ function isAuthorityMetadataExpired(metadata) {
|
|
|
4305
4305
|
return metadata.expiresAt <= nowSeconds();
|
|
4306
4306
|
}
|
|
4307
4307
|
|
|
4308
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
4308
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
4309
4309
|
|
|
4310
4310
|
/*
|
|
4311
4311
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5144,7 +5144,7 @@ function buildStaticAuthorityOptions(authOptions) {
|
|
|
5144
5144
|
};
|
|
5145
5145
|
}
|
|
5146
5146
|
|
|
5147
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
5147
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
5148
5148
|
|
|
5149
5149
|
/*
|
|
5150
5150
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5175,7 +5175,7 @@ async function createDiscoveredInstance(authorityUri, networkClient, cacheManage
|
|
|
5175
5175
|
}
|
|
5176
5176
|
}
|
|
5177
5177
|
|
|
5178
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
5178
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
5179
5179
|
|
|
5180
5180
|
/*
|
|
5181
5181
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5194,7 +5194,7 @@ class ServerError extends AuthError {
|
|
|
5194
5194
|
}
|
|
5195
5195
|
}
|
|
5196
5196
|
|
|
5197
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
5197
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
5198
5198
|
/*
|
|
5199
5199
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5200
5200
|
* Licensed under the MIT License.
|
|
@@ -5215,7 +5215,7 @@ function getRequestThumbprint(clientId, request, homeAccountId) {
|
|
|
5215
5215
|
};
|
|
5216
5216
|
}
|
|
5217
5217
|
|
|
5218
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
5218
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
5219
5219
|
|
|
5220
5220
|
/*
|
|
5221
5221
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5302,7 +5302,7 @@ class ThrottlingUtils {
|
|
|
5302
5302
|
}
|
|
5303
5303
|
}
|
|
5304
5304
|
|
|
5305
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
5305
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
5306
5306
|
|
|
5307
5307
|
/*
|
|
5308
5308
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5333,7 +5333,7 @@ function createNetworkError(error, httpStatus, responseHeaders, additionalError)
|
|
|
5333
5333
|
return new NetworkError(error, httpStatus, responseHeaders);
|
|
5334
5334
|
}
|
|
5335
5335
|
|
|
5336
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
5336
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
5337
5337
|
|
|
5338
5338
|
/*
|
|
5339
5339
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5481,7 +5481,7 @@ class BaseClient {
|
|
|
5481
5481
|
}
|
|
5482
5482
|
}
|
|
5483
5483
|
|
|
5484
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
5484
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
5485
5485
|
/*
|
|
5486
5486
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5487
5487
|
* Licensed under the MIT License.
|
|
@@ -5503,7 +5503,7 @@ function getTenantIdFromIdTokenClaims(idTokenClaims) {
|
|
|
5503
5503
|
return null;
|
|
5504
5504
|
}
|
|
5505
5505
|
|
|
5506
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
5506
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
5507
5507
|
|
|
5508
5508
|
/*
|
|
5509
5509
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5724,7 +5724,7 @@ class AccountEntity {
|
|
|
5724
5724
|
}
|
|
5725
5725
|
}
|
|
5726
5726
|
|
|
5727
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
5727
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
5728
5728
|
/*
|
|
5729
5729
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5730
5730
|
* Licensed under the MIT License.
|
|
@@ -5740,7 +5740,7 @@ const consentRequired = "consent_required";
|
|
|
5740
5740
|
const loginRequired = "login_required";
|
|
5741
5741
|
const badToken = "bad_token";
|
|
5742
5742
|
|
|
5743
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
5743
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
5744
5744
|
|
|
5745
5745
|
/*
|
|
5746
5746
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5812,7 +5812,7 @@ function createInteractionRequiredAuthError(errorCode) {
|
|
|
5812
5812
|
return new InteractionRequiredAuthError(errorCode, InteractionRequiredAuthErrorMessages[errorCode]);
|
|
5813
5813
|
}
|
|
5814
5814
|
|
|
5815
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
5815
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
5816
5816
|
|
|
5817
5817
|
/*
|
|
5818
5818
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5884,7 +5884,7 @@ class ProtocolUtils {
|
|
|
5884
5884
|
}
|
|
5885
5885
|
}
|
|
5886
5886
|
|
|
5887
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
5887
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
5888
5888
|
|
|
5889
5889
|
/*
|
|
5890
5890
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5966,7 +5966,7 @@ class PopTokenGenerator {
|
|
|
5966
5966
|
}
|
|
5967
5967
|
}
|
|
5968
5968
|
|
|
5969
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
5969
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
5970
5970
|
/*
|
|
5971
5971
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5972
5972
|
* Licensed under the MIT License.
|
|
@@ -5993,7 +5993,7 @@ class PopTokenGenerator {
|
|
|
5993
5993
|
}
|
|
5994
5994
|
}
|
|
5995
5995
|
|
|
5996
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
5996
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
5997
5997
|
|
|
5998
5998
|
/*
|
|
5999
5999
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6324,7 +6324,7 @@ function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decod
|
|
|
6324
6324
|
return baseAccount;
|
|
6325
6325
|
}
|
|
6326
6326
|
|
|
6327
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
6327
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
6328
6328
|
/*
|
|
6329
6329
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6330
6330
|
* Licensed under the MIT License.
|
|
@@ -6342,7 +6342,7 @@ async function getClientAssertion(clientAssertion, clientId, tokenEndpoint) {
|
|
|
6342
6342
|
}
|
|
6343
6343
|
}
|
|
6344
6344
|
|
|
6345
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
6345
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
6346
6346
|
|
|
6347
6347
|
/*
|
|
6348
6348
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6577,7 +6577,7 @@ class AuthorizationCodeClient extends BaseClient {
|
|
|
6577
6577
|
}
|
|
6578
6578
|
}
|
|
6579
6579
|
|
|
6580
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
6580
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
6581
6581
|
|
|
6582
6582
|
/*
|
|
6583
6583
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6786,7 +6786,7 @@ class RefreshTokenClient extends BaseClient {
|
|
|
6786
6786
|
}
|
|
6787
6787
|
}
|
|
6788
6788
|
|
|
6789
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
6789
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
6790
6790
|
|
|
6791
6791
|
/*
|
|
6792
6792
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6884,7 +6884,7 @@ class SilentFlowClient extends BaseClient {
|
|
|
6884
6884
|
}
|
|
6885
6885
|
}
|
|
6886
6886
|
|
|
6887
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
6887
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
6888
6888
|
|
|
6889
6889
|
/*
|
|
6890
6890
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6899,7 +6899,7 @@ const StubbedNetworkModule = {
|
|
|
6899
6899
|
},
|
|
6900
6900
|
};
|
|
6901
6901
|
|
|
6902
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
6902
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
6903
6903
|
|
|
6904
6904
|
/*
|
|
6905
6905
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7123,7 +7123,7 @@ function extractLoginHint(account) {
|
|
|
7123
7123
|
return account.loginHint || account.idTokenClaims?.login_hint || null;
|
|
7124
7124
|
}
|
|
7125
7125
|
|
|
7126
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
7126
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
7127
7127
|
|
|
7128
7128
|
/*
|
|
7129
7129
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7386,7 +7386,7 @@ class ServerTelemetryManager {
|
|
|
7386
7386
|
}
|
|
7387
7387
|
}
|
|
7388
7388
|
|
|
7389
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
7389
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
7390
7390
|
/*
|
|
7391
7391
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
7392
7392
|
* Licensed under the MIT License.
|
|
@@ -7394,7 +7394,7 @@ class ServerTelemetryManager {
|
|
|
7394
7394
|
const missingKidError = "missing_kid_error";
|
|
7395
7395
|
const missingAlgError = "missing_alg_error";
|
|
7396
7396
|
|
|
7397
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
7397
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
7398
7398
|
|
|
7399
7399
|
/*
|
|
7400
7400
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7419,7 +7419,7 @@ function createJoseHeaderError(code) {
|
|
|
7419
7419
|
return new JoseHeaderError(code, JoseHeaderErrorMessages[code]);
|
|
7420
7420
|
}
|
|
7421
7421
|
|
|
7422
|
-
/*! @azure/msal-common v15.13.0 2025-09
|
|
7422
|
+
/*! @azure/msal-common v15.13.0 2025-10-09 */
|
|
7423
7423
|
|
|
7424
7424
|
/*
|
|
7425
7425
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7637,7 +7637,8 @@ const INVALID_POLL_STATUS = "invalid_poll_status";
|
|
|
7637
7637
|
const PASSWORD_CHANGE_FAILED = "password_change_failed";
|
|
7638
7638
|
const PASSWORD_RESET_TIMEOUT = "password_reset_timeout";
|
|
7639
7639
|
const CLIENT_INFO_MISSING = "client_info_missing";
|
|
7640
|
-
const EXPIRED_TOKEN = "expired_token";
|
|
7640
|
+
const EXPIRED_TOKEN = "expired_token";
|
|
7641
|
+
const ACCESS_DENIED = "access_denied";
|
|
7641
7642
|
|
|
7642
7643
|
/*
|
|
7643
7644
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7652,7 +7653,8 @@ const PASSWORD_IS_INVALID = "password_is_invalid";
|
|
|
7652
7653
|
const INVALID_OOB_VALUE = "invalid_oob_value";
|
|
7653
7654
|
const ATTRIBUTE_VALIATION_FAILED = "attribute_validation_failed";
|
|
7654
7655
|
const REGISTRATION_REQUIRED = "registration_required";
|
|
7655
|
-
const MFA_REQUIRED = "mfa_required";
|
|
7656
|
+
const MFA_REQUIRED = "mfa_required";
|
|
7657
|
+
const PROVIDER_BLOCKED_BY_REPUTATION = "provider_blocked_by_rep";
|
|
7656
7658
|
|
|
7657
7659
|
/*
|
|
7658
7660
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7756,9 +7758,9 @@ class AuthFlowErrorBase {
|
|
|
7756
7758
|
}
|
|
7757
7759
|
isVerificationContactBlockedError() {
|
|
7758
7760
|
return (this.errorData instanceof CustomAuthApiError &&
|
|
7759
|
-
this.errorData.error ===
|
|
7760
|
-
this.errorData.
|
|
7761
|
-
|
|
7761
|
+
this.errorData.error === ACCESS_DENIED &&
|
|
7762
|
+
this.errorData.subError ===
|
|
7763
|
+
PROVIDER_BLOCKED_BY_REPUTATION);
|
|
7762
7764
|
}
|
|
7763
7765
|
}
|
|
7764
7766
|
class AuthActionErrorBase extends AuthFlowErrorBase {
|
|
@@ -7852,7 +7854,7 @@ function ensureArgumentIsJSONString(argName, argValue, correlationId) {
|
|
|
7852
7854
|
|
|
7853
7855
|
/* eslint-disable header/header */
|
|
7854
7856
|
const name = "@azure/msal-browser";
|
|
7855
|
-
const version = "4.
|
|
7857
|
+
const version = "4.25.0";
|
|
7856
7858
|
|
|
7857
7859
|
/*
|
|
7858
7860
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -8050,6 +8052,67 @@ class SignInSubmitCodeError extends AuthActionErrorBase {
|
|
|
8050
8052
|
class SignInResendCodeError extends AuthActionErrorBase {
|
|
8051
8053
|
}
|
|
8052
8054
|
|
|
8055
|
+
/*
|
|
8056
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
8057
|
+
* Licensed under the MIT License.
|
|
8058
|
+
*/
|
|
8059
|
+
/**
|
|
8060
|
+
* Represents the state of a sign-in operation that has been failed.
|
|
8061
|
+
*/
|
|
8062
|
+
class SignInFailedState extends AuthFlowStateBase {
|
|
8063
|
+
}
|
|
8064
|
+
|
|
8065
|
+
/*
|
|
8066
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
8067
|
+
* Licensed under the MIT License.
|
|
8068
|
+
*/
|
|
8069
|
+
class SignInResendCodeResult extends AuthFlowResultBase {
|
|
8070
|
+
/**
|
|
8071
|
+
* Creates a new instance of SignInResendCodeResult.
|
|
8072
|
+
* @param state The state of the result.
|
|
8073
|
+
*/
|
|
8074
|
+
constructor(state) {
|
|
8075
|
+
super(state);
|
|
8076
|
+
}
|
|
8077
|
+
/**
|
|
8078
|
+
* Creates a new instance of SignInResendCodeResult with an error.
|
|
8079
|
+
* @param error The error that occurred.
|
|
8080
|
+
* @returns {SignInResendCodeResult} A new instance of SignInResendCodeResult with the error set.
|
|
8081
|
+
*/
|
|
8082
|
+
static createWithError(error) {
|
|
8083
|
+
const result = new SignInResendCodeResult(new SignInFailedState());
|
|
8084
|
+
result.error = new SignInResendCodeError(SignInResendCodeResult.createErrorData(error));
|
|
8085
|
+
return result;
|
|
8086
|
+
}
|
|
8087
|
+
/**
|
|
8088
|
+
* Checks if the result is in a failed state.
|
|
8089
|
+
*/
|
|
8090
|
+
isFailed() {
|
|
8091
|
+
return this.state instanceof SignInFailedState;
|
|
8092
|
+
}
|
|
8093
|
+
/**
|
|
8094
|
+
* Checks if the result is in a code required state.
|
|
8095
|
+
*/
|
|
8096
|
+
isCodeRequired() {
|
|
8097
|
+
/*
|
|
8098
|
+
* The instanceof operator couldn't be used here to check the state type since the circular dependency issue.
|
|
8099
|
+
* So we are using the constructor name to check the state type.
|
|
8100
|
+
*/
|
|
8101
|
+
return this.state.constructor?.name === "SignInCodeRequiredState";
|
|
8102
|
+
}
|
|
8103
|
+
}
|
|
8104
|
+
|
|
8105
|
+
/*
|
|
8106
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
8107
|
+
* Licensed under the MIT License.
|
|
8108
|
+
*/
|
|
8109
|
+
/**
|
|
8110
|
+
* Represents the completed state of the sign-in operation.
|
|
8111
|
+
* This state indicates that the sign-in process has finished successfully.
|
|
8112
|
+
*/
|
|
8113
|
+
class SignInCompletedState extends AuthFlowStateBase {
|
|
8114
|
+
}
|
|
8115
|
+
|
|
8053
8116
|
/*
|
|
8054
8117
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
8055
8118
|
* Licensed under the MIT License.
|
|
@@ -8278,49 +8341,55 @@ class CustomAuthAccountData {
|
|
|
8278
8341
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
8279
8342
|
* Licensed under the MIT License.
|
|
8280
8343
|
*/
|
|
8281
|
-
|
|
8282
|
-
|
|
8283
|
-
|
|
8284
|
-
|
|
8344
|
+
// Result type constants
|
|
8345
|
+
const JIT_VERIFICATION_REQUIRED_RESULT_TYPE = "JitVerificationRequiredResult";
|
|
8346
|
+
const JIT_COMPLETED_RESULT_TYPE = "JitCompletedResult";
|
|
8347
|
+
function createJitVerificationRequiredResult(input) {
|
|
8348
|
+
return {
|
|
8349
|
+
type: JIT_VERIFICATION_REQUIRED_RESULT_TYPE,
|
|
8350
|
+
...input,
|
|
8351
|
+
};
|
|
8352
|
+
}
|
|
8353
|
+
function createJitCompletedResult(input) {
|
|
8354
|
+
return {
|
|
8355
|
+
type: JIT_COMPLETED_RESULT_TYPE,
|
|
8356
|
+
...input,
|
|
8357
|
+
};
|
|
8285
8358
|
}
|
|
8286
8359
|
|
|
8287
8360
|
/*
|
|
8288
8361
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
8289
8362
|
* Licensed under the MIT License.
|
|
8290
8363
|
*/
|
|
8291
|
-
|
|
8292
|
-
|
|
8293
|
-
|
|
8294
|
-
|
|
8295
|
-
*/
|
|
8296
|
-
constructor(state) {
|
|
8297
|
-
super(state);
|
|
8298
|
-
}
|
|
8364
|
+
/**
|
|
8365
|
+
* Error that occurred during authentication method challenge request.
|
|
8366
|
+
*/
|
|
8367
|
+
class AuthMethodRegistrationChallengeMethodError extends AuthActionErrorBase {
|
|
8299
8368
|
/**
|
|
8300
|
-
*
|
|
8301
|
-
* @
|
|
8302
|
-
* @returns {SignInResendCodeResult} A new instance of SignInResendCodeResult with the error set.
|
|
8369
|
+
* Checks if the input for auth method registration is incorrect.
|
|
8370
|
+
* @returns true if the input is incorrect, false otherwise.
|
|
8303
8371
|
*/
|
|
8304
|
-
|
|
8305
|
-
|
|
8306
|
-
result.error = new SignInResendCodeError(SignInResendCodeResult.createErrorData(error));
|
|
8307
|
-
return result;
|
|
8372
|
+
isInvalidInput() {
|
|
8373
|
+
return this.isInvalidInputError();
|
|
8308
8374
|
}
|
|
8309
8375
|
/**
|
|
8310
|
-
* Checks if the
|
|
8376
|
+
* Checks if the error is due to the verification contact (e.g., phone number or email) being blocked. Consider using a different email/phone number or a different authentication method.
|
|
8377
|
+
* @returns true if the error is due to the verification contact being blocked, false otherwise.
|
|
8311
8378
|
*/
|
|
8312
|
-
|
|
8313
|
-
return this.
|
|
8379
|
+
isVerificationContactBlocked() {
|
|
8380
|
+
return this.isVerificationContactBlockedError();
|
|
8314
8381
|
}
|
|
8382
|
+
}
|
|
8383
|
+
/**
|
|
8384
|
+
* Error that occurred during authentication method challenge submission.
|
|
8385
|
+
*/
|
|
8386
|
+
class AuthMethodRegistrationSubmitChallengeError extends AuthActionErrorBase {
|
|
8315
8387
|
/**
|
|
8316
|
-
* Checks if the
|
|
8388
|
+
* Checks if the submitted challenge code is incorrect.
|
|
8389
|
+
* @returns true if the challenge code is incorrect, false otherwise.
|
|
8317
8390
|
*/
|
|
8318
|
-
|
|
8319
|
-
|
|
8320
|
-
* The instanceof operator couldn't be used here to check the state type since the circular dependency issue.
|
|
8321
|
-
* So we are using the constructor name to check the state type.
|
|
8322
|
-
*/
|
|
8323
|
-
return this.state.constructor?.name === "SignInCodeRequiredState";
|
|
8391
|
+
isIncorrectChallenge() {
|
|
8392
|
+
return this.isInvalidCodeError();
|
|
8324
8393
|
}
|
|
8325
8394
|
}
|
|
8326
8395
|
|
|
@@ -8328,42 +8397,53 @@ class SignInResendCodeResult extends AuthFlowResultBase {
|
|
|
8328
8397
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
8329
8398
|
* Licensed under the MIT License.
|
|
8330
8399
|
*/
|
|
8331
|
-
|
|
8332
|
-
* Represents the completed state of the sign-in operation.
|
|
8333
|
-
* This state indicates that the sign-in process has finished successfully.
|
|
8334
|
-
*/
|
|
8335
|
-
class SignInCompletedState extends AuthFlowStateBase {
|
|
8400
|
+
class AuthMethodRegistrationFailedState extends AuthFlowStateBase {
|
|
8336
8401
|
}
|
|
8337
8402
|
|
|
8338
8403
|
/*
|
|
8339
8404
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
8340
8405
|
* Licensed under the MIT License.
|
|
8341
8406
|
*/
|
|
8342
|
-
|
|
8343
|
-
* Result of
|
|
8407
|
+
/**
|
|
8408
|
+
* Result of challenging an authentication method for registration.
|
|
8409
|
+
* Uses base state type to avoid circular dependencies.
|
|
8344
8410
|
*/
|
|
8345
|
-
class
|
|
8411
|
+
class AuthMethodRegistrationChallengeMethodResult extends AuthFlowResultBase {
|
|
8346
8412
|
/**
|
|
8347
|
-
* Creates
|
|
8413
|
+
* Creates an AuthMethodRegistrationChallengeMethodResult with an error.
|
|
8348
8414
|
* @param error The error that occurred.
|
|
8349
|
-
* @returns
|
|
8415
|
+
* @returns The AuthMethodRegistrationChallengeMethodResult with error.
|
|
8350
8416
|
*/
|
|
8351
8417
|
static createWithError(error) {
|
|
8352
|
-
const result = new
|
|
8353
|
-
result.error = new
|
|
8418
|
+
const result = new AuthMethodRegistrationChallengeMethodResult(new AuthMethodRegistrationFailedState());
|
|
8419
|
+
result.error = new AuthMethodRegistrationChallengeMethodError(AuthMethodRegistrationChallengeMethodResult.createErrorData(error));
|
|
8354
8420
|
return result;
|
|
8355
8421
|
}
|
|
8356
8422
|
/**
|
|
8357
|
-
* Checks if the result
|
|
8423
|
+
* Checks if the result indicates that verification is required.
|
|
8424
|
+
* @returns true if verification is required, false otherwise.
|
|
8425
|
+
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
8358
8426
|
*/
|
|
8359
|
-
|
|
8360
|
-
return this.state
|
|
8427
|
+
isVerificationRequired() {
|
|
8428
|
+
return (this.state.constructor?.name ===
|
|
8429
|
+
"AuthMethodVerificationRequiredState");
|
|
8361
8430
|
}
|
|
8362
8431
|
/**
|
|
8363
|
-
* Checks if the result
|
|
8432
|
+
* Checks if the result indicates that registration is completed (fast-pass scenario).
|
|
8433
|
+
* @returns true if registration is completed, false otherwise.
|
|
8434
|
+
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
8364
8435
|
*/
|
|
8365
8436
|
isCompleted() {
|
|
8366
|
-
return this.state
|
|
8437
|
+
return (this.state.constructor?.name ===
|
|
8438
|
+
"AuthMethodRegistrationCompletedState");
|
|
8439
|
+
}
|
|
8440
|
+
/**
|
|
8441
|
+
* Checks if the result is in a failed state.
|
|
8442
|
+
* @returns true if the result is failed, false otherwise.
|
|
8443
|
+
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
8444
|
+
*/
|
|
8445
|
+
isFailed() {
|
|
8446
|
+
return this.state instanceof AuthMethodRegistrationFailedState;
|
|
8367
8447
|
}
|
|
8368
8448
|
}
|
|
8369
8449
|
|
|
@@ -8371,18 +8451,36 @@ class SignInSubmitCodeResult extends AuthFlowResultBase {
|
|
|
8371
8451
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
8372
8452
|
* Licensed under the MIT License.
|
|
8373
8453
|
*/
|
|
8374
|
-
|
|
8375
|
-
*
|
|
8454
|
+
/**
|
|
8455
|
+
* Result of submitting a challenge for authentication method registration.
|
|
8376
8456
|
*/
|
|
8377
|
-
class
|
|
8378
|
-
|
|
8379
|
-
* Creates
|
|
8380
|
-
* @param
|
|
8457
|
+
class AuthMethodRegistrationSubmitChallengeResult extends AuthFlowResultBase {
|
|
8458
|
+
/**
|
|
8459
|
+
* Creates an AuthMethodRegistrationSubmitChallengeResult with an error.
|
|
8460
|
+
* @param error The error that occurred.
|
|
8461
|
+
* @returns The AuthMethodRegistrationSubmitChallengeResult with error.
|
|
8381
8462
|
*/
|
|
8382
|
-
|
|
8383
|
-
|
|
8384
|
-
|
|
8385
|
-
|
|
8463
|
+
static createWithError(error) {
|
|
8464
|
+
const result = new AuthMethodRegistrationSubmitChallengeResult(new AuthMethodRegistrationFailedState());
|
|
8465
|
+
result.error = new AuthMethodRegistrationSubmitChallengeError(AuthMethodRegistrationSubmitChallengeResult.createErrorData(error));
|
|
8466
|
+
return result;
|
|
8467
|
+
}
|
|
8468
|
+
/**
|
|
8469
|
+
* Checks if the result indicates that registration is completed.
|
|
8470
|
+
* @returns true if registration is completed, false otherwise.
|
|
8471
|
+
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
8472
|
+
*/
|
|
8473
|
+
isCompleted() {
|
|
8474
|
+
return (this.state.constructor?.name ===
|
|
8475
|
+
"AuthMethodRegistrationCompletedState");
|
|
8476
|
+
}
|
|
8477
|
+
/**
|
|
8478
|
+
* Checks if the result is in a failed state.
|
|
8479
|
+
* @returns true if the result is failed, false otherwise.
|
|
8480
|
+
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
8481
|
+
*/
|
|
8482
|
+
isFailed() {
|
|
8483
|
+
return this.state instanceof AuthMethodRegistrationFailedState;
|
|
8386
8484
|
}
|
|
8387
8485
|
}
|
|
8388
8486
|
|
|
@@ -8390,174 +8488,179 @@ class SignInState extends AuthFlowActionRequiredStateBase {
|
|
|
8390
8488
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
8391
8489
|
* Licensed under the MIT License.
|
|
8392
8490
|
*/
|
|
8393
|
-
|
|
8394
|
-
const SIGN_IN_PASSWORD_REQUIRED_RESULT_TYPE = "SignInPasswordRequiredResult";
|
|
8395
|
-
const SIGN_IN_COMPLETED_RESULT_TYPE = "SignInCompletedResult";
|
|
8396
|
-
const SIGN_IN_JIT_REQUIRED_RESULT_TYPE = "SignInJitRequiredResult";
|
|
8397
|
-
const SIGN_IN_MFA_REQUIRED_RESULT_TYPE = "SignInMfaRequiredResult";
|
|
8398
|
-
function createSignInCompleteResult(input) {
|
|
8399
|
-
return {
|
|
8400
|
-
type: SIGN_IN_COMPLETED_RESULT_TYPE,
|
|
8401
|
-
...input,
|
|
8402
|
-
};
|
|
8403
|
-
}
|
|
8404
|
-
function createSignInPasswordRequiredResult(input) {
|
|
8405
|
-
return {
|
|
8406
|
-
type: SIGN_IN_PASSWORD_REQUIRED_RESULT_TYPE,
|
|
8407
|
-
...input,
|
|
8408
|
-
};
|
|
8409
|
-
}
|
|
8410
|
-
function createSignInCodeSendResult(input) {
|
|
8411
|
-
return {
|
|
8412
|
-
type: SIGN_IN_CODE_SEND_RESULT_TYPE,
|
|
8413
|
-
...input,
|
|
8414
|
-
};
|
|
8415
|
-
}
|
|
8416
|
-
function createSignInJitRequiredResult(input) {
|
|
8417
|
-
return {
|
|
8418
|
-
type: SIGN_IN_JIT_REQUIRED_RESULT_TYPE,
|
|
8419
|
-
...input,
|
|
8420
|
-
};
|
|
8421
|
-
}
|
|
8422
|
-
function createSignInMfaRequiredResult(input) {
|
|
8423
|
-
return {
|
|
8424
|
-
type: SIGN_IN_MFA_REQUIRED_RESULT_TYPE,
|
|
8425
|
-
...input,
|
|
8426
|
-
};
|
|
8491
|
+
class AuthMethodRegistrationCompletedState extends AuthFlowStateBase {
|
|
8427
8492
|
}
|
|
8428
8493
|
|
|
8429
8494
|
/*
|
|
8430
8495
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
8431
8496
|
* Licensed under the MIT License.
|
|
8432
8497
|
*/
|
|
8433
|
-
|
|
8434
|
-
*
|
|
8498
|
+
/**
|
|
8499
|
+
* Abstract base class for authentication method registration states.
|
|
8435
8500
|
*/
|
|
8436
|
-
class
|
|
8501
|
+
class AuthMethodRegistrationState extends AuthFlowActionRequiredStateBase {
|
|
8437
8502
|
/**
|
|
8438
|
-
*
|
|
8439
|
-
*
|
|
8440
|
-
* @
|
|
8441
|
-
|
|
8442
|
-
|
|
8443
|
-
async submitCode(code) {
|
|
8503
|
+
* Internal method to challenge an authentication method.
|
|
8504
|
+
* @param authMethodDetails The authentication method details to challenge.
|
|
8505
|
+
* @returns Promise that resolves to AuthMethodRegistrationChallengeMethodResult.
|
|
8506
|
+
*/
|
|
8507
|
+
async challengeAuthMethodInternal(authMethodDetails) {
|
|
8444
8508
|
try {
|
|
8445
|
-
this.
|
|
8446
|
-
const
|
|
8447
|
-
clientId: this.stateParameters.config.auth.clientId,
|
|
8509
|
+
this.stateParameters.logger.verbose(`Challenging authentication method - '${authMethodDetails.authMethodType.id}' for auth method registration.`, this.stateParameters.correlationId);
|
|
8510
|
+
const challengeParams = {
|
|
8448
8511
|
correlationId: this.stateParameters.correlationId,
|
|
8449
|
-
challengeType: this.stateParameters.config.customAuth.challengeTypes ?? [],
|
|
8450
|
-
scopes: this.stateParameters.scopes ?? [],
|
|
8451
8512
|
continuationToken: this.stateParameters.continuationToken ?? "",
|
|
8452
|
-
|
|
8513
|
+
authMethod: authMethodDetails.authMethodType,
|
|
8514
|
+
verificationContact: authMethodDetails.verificationContact,
|
|
8515
|
+
scopes: this.stateParameters.scopes ?? [],
|
|
8453
8516
|
username: this.stateParameters.username,
|
|
8454
8517
|
claims: this.stateParameters.claims,
|
|
8455
8518
|
};
|
|
8456
|
-
|
|
8457
|
-
|
|
8458
|
-
|
|
8459
|
-
|
|
8460
|
-
|
|
8461
|
-
return new
|
|
8519
|
+
const result = await this.stateParameters.jitClient.challengeAuthMethod(challengeParams);
|
|
8520
|
+
this.stateParameters.logger.verbose("Authentication method challenged successfully for auth method registration.", this.stateParameters.correlationId);
|
|
8521
|
+
if (result.type === JIT_VERIFICATION_REQUIRED_RESULT_TYPE) {
|
|
8522
|
+
// Verification required
|
|
8523
|
+
this.stateParameters.logger.verbose("Auth method verification required.", this.stateParameters.correlationId);
|
|
8524
|
+
return new AuthMethodRegistrationChallengeMethodResult(new AuthMethodVerificationRequiredState({
|
|
8525
|
+
correlationId: result.correlationId,
|
|
8526
|
+
continuationToken: result.continuationToken,
|
|
8527
|
+
config: this.stateParameters.config,
|
|
8528
|
+
logger: this.stateParameters.logger,
|
|
8529
|
+
jitClient: this.stateParameters.jitClient,
|
|
8530
|
+
cacheClient: this.stateParameters.cacheClient,
|
|
8531
|
+
challengeChannel: result.challengeChannel,
|
|
8532
|
+
challengeTargetLabel: result.challengeTargetLabel,
|
|
8533
|
+
codeLength: result.codeLength,
|
|
8534
|
+
scopes: this.stateParameters.scopes ?? [],
|
|
8535
|
+
username: this.stateParameters.username,
|
|
8536
|
+
claims: this.stateParameters.claims,
|
|
8537
|
+
}));
|
|
8538
|
+
}
|
|
8539
|
+
else if (result.type === JIT_COMPLETED_RESULT_TYPE) {
|
|
8540
|
+
// Registration completed (fast-pass scenario)
|
|
8541
|
+
this.stateParameters.logger.verbose("Auth method registration completed via fast-pass.", this.stateParameters.correlationId);
|
|
8542
|
+
const accountInfo = new CustomAuthAccountData(result.authenticationResult.account, this.stateParameters.config, this.stateParameters.cacheClient, this.stateParameters.logger, this.stateParameters.correlationId);
|
|
8543
|
+
return new AuthMethodRegistrationChallengeMethodResult(new AuthMethodRegistrationCompletedState(), accountInfo);
|
|
8462
8544
|
}
|
|
8463
8545
|
else {
|
|
8464
|
-
//
|
|
8465
|
-
|
|
8466
|
-
|
|
8467
|
-
return SignInSubmitCodeResult.createWithError(error);
|
|
8546
|
+
// Handle unexpected result type with proper typing
|
|
8547
|
+
this.stateParameters.logger.error("Unexpected result type from auth challenge method", this.stateParameters.correlationId);
|
|
8548
|
+
throw new UnexpectedError("Unexpected result type from auth challenge method");
|
|
8468
8549
|
}
|
|
8469
8550
|
}
|
|
8470
8551
|
catch (error) {
|
|
8471
|
-
this.stateParameters.logger.
|
|
8472
|
-
return
|
|
8552
|
+
this.stateParameters.logger.error("Failed to challenge authentication method for auth method registration.", this.stateParameters.correlationId);
|
|
8553
|
+
return AuthMethodRegistrationChallengeMethodResult.createWithError(error);
|
|
8473
8554
|
}
|
|
8474
8555
|
}
|
|
8556
|
+
}
|
|
8557
|
+
/**
|
|
8558
|
+
* State indicating that authentication method registration is required.
|
|
8559
|
+
*/
|
|
8560
|
+
class AuthMethodRegistrationRequiredState extends AuthMethodRegistrationState {
|
|
8475
8561
|
/**
|
|
8476
|
-
*
|
|
8477
|
-
* @returns
|
|
8562
|
+
* Gets the available authentication methods for registration.
|
|
8563
|
+
* @returns Array of available authentication methods.
|
|
8564
|
+
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
8478
8565
|
*/
|
|
8479
|
-
|
|
8566
|
+
getAuthMethods() {
|
|
8567
|
+
return this.stateParameters.authMethods;
|
|
8568
|
+
}
|
|
8569
|
+
/**
|
|
8570
|
+
* Challenges an authentication method for registration.
|
|
8571
|
+
* @param authMethodDetails The authentication method details to challenge.
|
|
8572
|
+
* @returns Promise that resolves to AuthMethodRegistrationChallengeMethodResult.
|
|
8573
|
+
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
8574
|
+
*/
|
|
8575
|
+
async challengeAuthMethod(authMethodDetails) {
|
|
8576
|
+
return this.challengeAuthMethodInternal(authMethodDetails);
|
|
8577
|
+
}
|
|
8578
|
+
}
|
|
8579
|
+
/**
|
|
8580
|
+
* State indicating that verification is required for the challenged authentication method.
|
|
8581
|
+
*/
|
|
8582
|
+
class AuthMethodVerificationRequiredState extends AuthMethodRegistrationState {
|
|
8583
|
+
/**
|
|
8584
|
+
* Gets the length of the expected verification code.
|
|
8585
|
+
* @returns The code length.
|
|
8586
|
+
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
8587
|
+
*/
|
|
8588
|
+
getCodeLength() {
|
|
8589
|
+
return this.stateParameters.codeLength;
|
|
8590
|
+
}
|
|
8591
|
+
/**
|
|
8592
|
+
* Gets the channel through which the challenge was sent.
|
|
8593
|
+
* @returns The challenge channel (e.g., "email").
|
|
8594
|
+
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
8595
|
+
*/
|
|
8596
|
+
getChannel() {
|
|
8597
|
+
return this.stateParameters.challengeChannel;
|
|
8598
|
+
}
|
|
8599
|
+
/**
|
|
8600
|
+
* Gets the target label indicating where the challenge was sent.
|
|
8601
|
+
* @returns The challenge target label (e.g., masked email address).
|
|
8602
|
+
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
8603
|
+
*/
|
|
8604
|
+
getSentTo() {
|
|
8605
|
+
return this.stateParameters.challengeTargetLabel;
|
|
8606
|
+
}
|
|
8607
|
+
/**
|
|
8608
|
+
* Submits the verification challenge to complete the authentication method registration.
|
|
8609
|
+
* @param code The verification code entered by the user.
|
|
8610
|
+
* @returns Promise that resolves to AuthMethodRegistrationSubmitChallengeResult.
|
|
8611
|
+
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
8612
|
+
*/
|
|
8613
|
+
async submitChallenge(code) {
|
|
8480
8614
|
try {
|
|
8481
|
-
|
|
8482
|
-
|
|
8615
|
+
this.ensureCodeIsValid(code, this.getCodeLength());
|
|
8616
|
+
this.stateParameters.logger.verbose("Submitting auth method challenge.", this.stateParameters.correlationId);
|
|
8617
|
+
const submitParams = {
|
|
8483
8618
|
correlationId: this.stateParameters.correlationId,
|
|
8484
|
-
challengeType: this.stateParameters.config.customAuth.challengeTypes ?? [],
|
|
8485
8619
|
continuationToken: this.stateParameters.continuationToken ?? "",
|
|
8620
|
+
scopes: this.stateParameters.scopes ?? [],
|
|
8621
|
+
grantType: GrantType.OOB,
|
|
8622
|
+
challenge: code,
|
|
8486
8623
|
username: this.stateParameters.username,
|
|
8624
|
+
claims: this.stateParameters.claims,
|
|
8487
8625
|
};
|
|
8488
|
-
|
|
8489
|
-
|
|
8490
|
-
this.stateParameters.
|
|
8491
|
-
return new
|
|
8492
|
-
correlationId: result.correlationId,
|
|
8493
|
-
continuationToken: result.continuationToken,
|
|
8494
|
-
logger: this.stateParameters.logger,
|
|
8495
|
-
config: this.stateParameters.config,
|
|
8496
|
-
signInClient: this.stateParameters.signInClient,
|
|
8497
|
-
cacheClient: this.stateParameters.cacheClient,
|
|
8498
|
-
jitClient: this.stateParameters.jitClient,
|
|
8499
|
-
username: this.stateParameters.username,
|
|
8500
|
-
codeLength: result.codeLength,
|
|
8501
|
-
scopes: this.stateParameters.scopes,
|
|
8502
|
-
}));
|
|
8626
|
+
const result = await this.stateParameters.jitClient.submitChallenge(submitParams);
|
|
8627
|
+
this.stateParameters.logger.verbose("Auth method challenge submitted successfully.", this.stateParameters.correlationId);
|
|
8628
|
+
const accountInfo = new CustomAuthAccountData(result.authenticationResult.account, this.stateParameters.config, this.stateParameters.cacheClient, this.stateParameters.logger, this.stateParameters.correlationId);
|
|
8629
|
+
return new AuthMethodRegistrationSubmitChallengeResult(new AuthMethodRegistrationCompletedState(), accountInfo);
|
|
8503
8630
|
}
|
|
8504
8631
|
catch (error) {
|
|
8505
|
-
|
|
8632
|
+
this.stateParameters.logger.error("Failed to submit auth method challenge.", this.stateParameters.correlationId);
|
|
8633
|
+
return AuthMethodRegistrationSubmitChallengeResult.createWithError(error);
|
|
8506
8634
|
}
|
|
8507
8635
|
}
|
|
8508
8636
|
/**
|
|
8509
|
-
*
|
|
8510
|
-
* @
|
|
8511
|
-
|
|
8512
|
-
|
|
8513
|
-
return this.stateParameters.codeLength;
|
|
8514
|
-
}
|
|
8515
|
-
/**
|
|
8516
|
-
* Gets the scopes to request.
|
|
8517
|
-
* @returns {string[] | undefined} The scopes to request.
|
|
8637
|
+
* Challenges a different authentication method for registration.
|
|
8638
|
+
* @param authMethodDetails The authentication method details to challenge.
|
|
8639
|
+
* @returns Promise that resolves to AuthMethodRegistrationChallengeMethodResult.
|
|
8640
|
+
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
8518
8641
|
*/
|
|
8519
|
-
|
|
8520
|
-
return this.
|
|
8642
|
+
async challengeAuthMethod(authMethodDetails) {
|
|
8643
|
+
return this.challengeAuthMethodInternal(authMethodDetails);
|
|
8521
8644
|
}
|
|
8522
8645
|
}
|
|
8523
8646
|
|
|
8524
|
-
/*
|
|
8525
|
-
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
8526
|
-
* Licensed under the MIT License.
|
|
8527
|
-
*/
|
|
8528
|
-
// Result type constants
|
|
8529
|
-
const JIT_VERIFICATION_REQUIRED_RESULT_TYPE = "JitVerificationRequiredResult";
|
|
8530
|
-
const JIT_COMPLETED_RESULT_TYPE = "JitCompletedResult";
|
|
8531
|
-
function createJitVerificationRequiredResult(input) {
|
|
8532
|
-
return {
|
|
8533
|
-
type: JIT_VERIFICATION_REQUIRED_RESULT_TYPE,
|
|
8534
|
-
...input,
|
|
8535
|
-
};
|
|
8536
|
-
}
|
|
8537
|
-
function createJitCompletedResult(input) {
|
|
8538
|
-
return {
|
|
8539
|
-
type: JIT_COMPLETED_RESULT_TYPE,
|
|
8540
|
-
...input,
|
|
8541
|
-
};
|
|
8542
|
-
}
|
|
8543
|
-
|
|
8544
8647
|
/*
|
|
8545
8648
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
8546
8649
|
* Licensed under the MIT License.
|
|
8547
8650
|
*/
|
|
8548
8651
|
/**
|
|
8549
|
-
* Error that occurred during
|
|
8652
|
+
* Error that occurred during MFA challenge request.
|
|
8550
8653
|
*/
|
|
8551
|
-
class
|
|
8654
|
+
class MfaRequestChallengeError extends AuthActionErrorBase {
|
|
8552
8655
|
/**
|
|
8553
|
-
* Checks if the input for
|
|
8656
|
+
* Checks if the input for MFA challenge is incorrect.
|
|
8554
8657
|
* @returns true if the input is incorrect, false otherwise.
|
|
8555
8658
|
*/
|
|
8556
8659
|
isInvalidInput() {
|
|
8557
8660
|
return this.isInvalidInputError();
|
|
8558
8661
|
}
|
|
8559
8662
|
/**
|
|
8560
|
-
* Checks if the error is due to the verification contact (e.g., phone number or email) being blocked. Consider
|
|
8663
|
+
* Checks if the error is due to the verification contact (e.g., phone number or email) being blocked. Consider contacting customer support for assistance.
|
|
8561
8664
|
* @returns true if the error is due to the verification contact being blocked, false otherwise.
|
|
8562
8665
|
*/
|
|
8563
8666
|
isVerificationContactBlocked() {
|
|
@@ -8565,12 +8668,12 @@ class AuthMethodRegistrationChallengeMethodError extends AuthActionErrorBase {
|
|
|
8565
8668
|
}
|
|
8566
8669
|
}
|
|
8567
8670
|
/**
|
|
8568
|
-
* Error that occurred during
|
|
8671
|
+
* Error that occurred during MFA challenge submission.
|
|
8569
8672
|
*/
|
|
8570
|
-
class
|
|
8673
|
+
class MfaSubmitChallengeError extends AuthActionErrorBase {
|
|
8571
8674
|
/**
|
|
8572
|
-
* Checks if the submitted challenge code is incorrect.
|
|
8573
|
-
* @returns true if the challenge code is
|
|
8675
|
+
* Checks if the submitted challenge code (e.g., OTP code) is incorrect.
|
|
8676
|
+
* @returns true if the challenge code is invalid, false otherwise.
|
|
8574
8677
|
*/
|
|
8575
8678
|
isIncorrectChallenge() {
|
|
8576
8679
|
return this.isInvalidCodeError();
|
|
@@ -8581,7 +8684,10 @@ class AuthMethodRegistrationSubmitChallengeError extends AuthActionErrorBase {
|
|
|
8581
8684
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
8582
8685
|
* Licensed under the MIT License.
|
|
8583
8686
|
*/
|
|
8584
|
-
|
|
8687
|
+
/**
|
|
8688
|
+
* State indicating that the MFA flow has completed successfully.
|
|
8689
|
+
*/
|
|
8690
|
+
class MfaCompletedState extends AuthFlowStateBase {
|
|
8585
8691
|
}
|
|
8586
8692
|
|
|
8587
8693
|
/*
|
|
@@ -8589,37 +8695,36 @@ class AuthMethodRegistrationFailedState extends AuthFlowStateBase {
|
|
|
8589
8695
|
* Licensed under the MIT License.
|
|
8590
8696
|
*/
|
|
8591
8697
|
/**
|
|
8592
|
-
*
|
|
8593
|
-
* Uses base state type to avoid circular dependencies.
|
|
8698
|
+
* State indicating that the MFA flow has failed.
|
|
8594
8699
|
*/
|
|
8595
|
-
class
|
|
8700
|
+
class MfaFailedState extends AuthFlowStateBase {
|
|
8701
|
+
}
|
|
8702
|
+
|
|
8703
|
+
/*
|
|
8704
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
8705
|
+
* Licensed under the MIT License.
|
|
8706
|
+
*/
|
|
8707
|
+
/**
|
|
8708
|
+
* Result of submitting an MFA challenge.
|
|
8709
|
+
*/
|
|
8710
|
+
class MfaSubmitChallengeResult extends AuthFlowResultBase {
|
|
8596
8711
|
/**
|
|
8597
|
-
* Creates an
|
|
8712
|
+
* Creates an MfaSubmitChallengeResult with an error.
|
|
8598
8713
|
* @param error The error that occurred.
|
|
8599
|
-
* @returns The
|
|
8714
|
+
* @returns The MfaSubmitChallengeResult with error.
|
|
8600
8715
|
*/
|
|
8601
8716
|
static createWithError(error) {
|
|
8602
|
-
const result = new
|
|
8603
|
-
result.error = new
|
|
8717
|
+
const result = new MfaSubmitChallengeResult(new MfaFailedState());
|
|
8718
|
+
result.error = new MfaSubmitChallengeError(MfaSubmitChallengeResult.createErrorData(error));
|
|
8604
8719
|
return result;
|
|
8605
8720
|
}
|
|
8606
8721
|
/**
|
|
8607
|
-
* Checks if the
|
|
8608
|
-
* @returns true if
|
|
8609
|
-
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
8610
|
-
*/
|
|
8611
|
-
isVerificationRequired() {
|
|
8612
|
-
return (this.state.constructor?.name ===
|
|
8613
|
-
"AuthMethodVerificationRequiredState");
|
|
8614
|
-
}
|
|
8615
|
-
/**
|
|
8616
|
-
* Checks if the result indicates that registration is completed (fast-pass scenario).
|
|
8617
|
-
* @returns true if registration is completed, false otherwise.
|
|
8722
|
+
* Checks if the MFA flow is completed successfully.
|
|
8723
|
+
* @returns true if completed, false otherwise.
|
|
8618
8724
|
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
8619
8725
|
*/
|
|
8620
8726
|
isCompleted() {
|
|
8621
|
-
return
|
|
8622
|
-
"AuthMethodRegistrationCompletedState");
|
|
8727
|
+
return this.state instanceof MfaCompletedState;
|
|
8623
8728
|
}
|
|
8624
8729
|
/**
|
|
8625
8730
|
* Checks if the result is in a failed state.
|
|
@@ -8627,7 +8732,7 @@ class AuthMethodRegistrationChallengeMethodResult extends AuthFlowResultBase {
|
|
|
8627
8732
|
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
8628
8733
|
*/
|
|
8629
8734
|
isFailed() {
|
|
8630
|
-
return this.state instanceof
|
|
8735
|
+
return this.state instanceof MfaFailedState;
|
|
8631
8736
|
}
|
|
8632
8737
|
}
|
|
8633
8738
|
|
|
@@ -8636,27 +8741,27 @@ class AuthMethodRegistrationChallengeMethodResult extends AuthFlowResultBase {
|
|
|
8636
8741
|
* Licensed under the MIT License.
|
|
8637
8742
|
*/
|
|
8638
8743
|
/**
|
|
8639
|
-
* Result of
|
|
8744
|
+
* Result of requesting an MFA challenge.
|
|
8745
|
+
* Uses base state type to avoid circular dependencies.
|
|
8640
8746
|
*/
|
|
8641
|
-
class
|
|
8747
|
+
class MfaRequestChallengeResult extends AuthFlowResultBase {
|
|
8642
8748
|
/**
|
|
8643
|
-
* Creates an
|
|
8749
|
+
* Creates an MfaRequestChallengeResult with an error.
|
|
8644
8750
|
* @param error The error that occurred.
|
|
8645
|
-
* @returns The
|
|
8751
|
+
* @returns The MfaRequestChallengeResult with error.
|
|
8646
8752
|
*/
|
|
8647
8753
|
static createWithError(error) {
|
|
8648
|
-
const result = new
|
|
8649
|
-
result.error = new
|
|
8754
|
+
const result = new MfaRequestChallengeResult(new MfaFailedState());
|
|
8755
|
+
result.error = new MfaRequestChallengeError(MfaRequestChallengeResult.createErrorData(error));
|
|
8650
8756
|
return result;
|
|
8651
8757
|
}
|
|
8652
8758
|
/**
|
|
8653
|
-
* Checks if the result indicates that
|
|
8654
|
-
* @returns true if
|
|
8759
|
+
* Checks if the result indicates that verification is required.
|
|
8760
|
+
* @returns true if verification is required, false otherwise.
|
|
8655
8761
|
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
8656
8762
|
*/
|
|
8657
|
-
|
|
8658
|
-
return
|
|
8659
|
-
"AuthMethodRegistrationCompletedState");
|
|
8763
|
+
isVerificationRequired() {
|
|
8764
|
+
return this.state.constructor?.name === "MfaVerificationRequiredState";
|
|
8660
8765
|
}
|
|
8661
8766
|
/**
|
|
8662
8767
|
* Checks if the result is in a failed state.
|
|
@@ -8664,7 +8769,7 @@ class AuthMethodRegistrationSubmitChallengeResult extends AuthFlowResultBase {
|
|
|
8664
8769
|
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
8665
8770
|
*/
|
|
8666
8771
|
isFailed() {
|
|
8667
|
-
return this.state instanceof
|
|
8772
|
+
return this.state instanceof MfaFailedState;
|
|
8668
8773
|
}
|
|
8669
8774
|
}
|
|
8670
8775
|
|
|
@@ -8672,159 +8777,370 @@ class AuthMethodRegistrationSubmitChallengeResult extends AuthFlowResultBase {
|
|
|
8672
8777
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
8673
8778
|
* Licensed under the MIT License.
|
|
8674
8779
|
*/
|
|
8675
|
-
class
|
|
8780
|
+
class MfaState extends AuthFlowActionRequiredStateBase {
|
|
8781
|
+
/**
|
|
8782
|
+
* Requests an MFA challenge for a specific authentication method.
|
|
8783
|
+
* @param authMethodId The authentication method ID to use for the challenge.
|
|
8784
|
+
* @returns Promise that resolves to MfaRequestChallengeResult.
|
|
8785
|
+
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
8786
|
+
*/
|
|
8787
|
+
async requestChallenge(authMethodId) {
|
|
8788
|
+
try {
|
|
8789
|
+
ensureArgumentIsNotEmptyString("authMethodId", authMethodId);
|
|
8790
|
+
this.stateParameters.logger.verbose(`Requesting MFA challenge with authentication method - '${authMethodId}'.`, this.stateParameters.correlationId);
|
|
8791
|
+
const requestParams = {
|
|
8792
|
+
correlationId: this.stateParameters.correlationId,
|
|
8793
|
+
continuationToken: this.stateParameters.continuationToken ?? "",
|
|
8794
|
+
challengeType: this.stateParameters.config.customAuth.challengeTypes ?? [],
|
|
8795
|
+
authMethodId: authMethodId,
|
|
8796
|
+
};
|
|
8797
|
+
const result = await this.stateParameters.mfaClient.requestChallenge(requestParams);
|
|
8798
|
+
this.stateParameters.logger.verbose("MFA challenge requested successfully.", this.stateParameters.correlationId);
|
|
8799
|
+
return new MfaRequestChallengeResult(new MfaVerificationRequiredState({
|
|
8800
|
+
correlationId: result.correlationId,
|
|
8801
|
+
continuationToken: result.continuationToken,
|
|
8802
|
+
config: this.stateParameters.config,
|
|
8803
|
+
logger: this.stateParameters.logger,
|
|
8804
|
+
mfaClient: this.stateParameters.mfaClient,
|
|
8805
|
+
cacheClient: this.stateParameters.cacheClient,
|
|
8806
|
+
challengeChannel: result.challengeChannel,
|
|
8807
|
+
challengeTargetLabel: result.challengeTargetLabel,
|
|
8808
|
+
codeLength: result.codeLength,
|
|
8809
|
+
selectedAuthMethodId: authMethodId,
|
|
8810
|
+
scopes: this.stateParameters.scopes ?? [],
|
|
8811
|
+
}));
|
|
8812
|
+
}
|
|
8813
|
+
catch (error) {
|
|
8814
|
+
this.stateParameters.logger.errorPii(`Failed to request MFA challenge. Error: ${error}.`, this.stateParameters.correlationId);
|
|
8815
|
+
return MfaRequestChallengeResult.createWithError(error);
|
|
8816
|
+
}
|
|
8817
|
+
}
|
|
8818
|
+
}
|
|
8819
|
+
/**
|
|
8820
|
+
* State indicating that MFA is required and awaiting user action.
|
|
8821
|
+
* This state allows the developer to pause execution before sending the code to the user's email.
|
|
8822
|
+
*/
|
|
8823
|
+
class MfaAwaitingState extends MfaState {
|
|
8824
|
+
/**
|
|
8825
|
+
* Gets the available authentication methods for MFA.
|
|
8826
|
+
* @returns Array of available authentication methods.
|
|
8827
|
+
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
8828
|
+
*/
|
|
8829
|
+
getAuthMethods() {
|
|
8830
|
+
return this.stateParameters.authMethods;
|
|
8831
|
+
}
|
|
8832
|
+
}
|
|
8833
|
+
/**
|
|
8834
|
+
* State indicating that MFA verification is required.
|
|
8835
|
+
* The challenge has been sent and the user needs to provide the code.
|
|
8836
|
+
*/
|
|
8837
|
+
class MfaVerificationRequiredState extends MfaState {
|
|
8838
|
+
/**
|
|
8839
|
+
* Gets the length of the code that the user needs to provide.
|
|
8840
|
+
* @returns The expected code length.
|
|
8841
|
+
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
8842
|
+
*/
|
|
8843
|
+
getCodeLength() {
|
|
8844
|
+
return this.stateParameters.codeLength;
|
|
8845
|
+
}
|
|
8846
|
+
/**
|
|
8847
|
+
* Gets the channel through which the challenge was sent.
|
|
8848
|
+
* @returns The challenge channel (e.g., "email").
|
|
8849
|
+
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
8850
|
+
*/
|
|
8851
|
+
getChannel() {
|
|
8852
|
+
return this.stateParameters.challengeChannel;
|
|
8853
|
+
}
|
|
8854
|
+
/**
|
|
8855
|
+
* Gets the target label indicating where the challenge was sent.
|
|
8856
|
+
* @returns The challenge target label (e.g., masked email address).
|
|
8857
|
+
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
8858
|
+
*/
|
|
8859
|
+
getSentTo() {
|
|
8860
|
+
return this.stateParameters.challengeTargetLabel;
|
|
8861
|
+
}
|
|
8862
|
+
/**
|
|
8863
|
+
* Submits the MFA challenge (e.g., OTP code) to complete the authentication.
|
|
8864
|
+
* @param challenge The challenge code (e.g., OTP code) entered by the user.
|
|
8865
|
+
* @returns Promise that resolves to MfaSubmitChallengeResult.
|
|
8866
|
+
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
8867
|
+
*/
|
|
8868
|
+
async submitChallenge(challenge) {
|
|
8869
|
+
try {
|
|
8870
|
+
this.ensureCodeIsValid(challenge, this.getCodeLength());
|
|
8871
|
+
this.stateParameters.logger.verbose("Submitting MFA challenge.", this.stateParameters.correlationId);
|
|
8872
|
+
const submitParams = {
|
|
8873
|
+
correlationId: this.stateParameters.correlationId,
|
|
8874
|
+
continuationToken: this.stateParameters.continuationToken ?? "",
|
|
8875
|
+
scopes: this.stateParameters.scopes ?? [],
|
|
8876
|
+
challenge: challenge,
|
|
8877
|
+
};
|
|
8878
|
+
const result = await this.stateParameters.mfaClient.submitChallenge(submitParams);
|
|
8879
|
+
this.stateParameters.logger.verbose("MFA challenge submitted successfully.", this.stateParameters.correlationId);
|
|
8880
|
+
const accountInfo = new CustomAuthAccountData(result.authenticationResult.account, this.stateParameters.config, this.stateParameters.cacheClient, this.stateParameters.logger, this.stateParameters.correlationId);
|
|
8881
|
+
return new MfaSubmitChallengeResult(new MfaCompletedState(), accountInfo);
|
|
8882
|
+
}
|
|
8883
|
+
catch (error) {
|
|
8884
|
+
this.stateParameters.logger.errorPii(`Failed to submit MFA challenge. Error: ${error}.`, this.stateParameters.correlationId);
|
|
8885
|
+
return MfaSubmitChallengeResult.createWithError(error);
|
|
8886
|
+
}
|
|
8887
|
+
}
|
|
8676
8888
|
}
|
|
8677
8889
|
|
|
8678
8890
|
/*
|
|
8679
8891
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
8680
8892
|
* Licensed under the MIT License.
|
|
8681
8893
|
*/
|
|
8682
|
-
|
|
8683
|
-
*
|
|
8894
|
+
/*
|
|
8895
|
+
* Result of a sign-in submit code operation.
|
|
8684
8896
|
*/
|
|
8685
|
-
class
|
|
8897
|
+
class SignInSubmitCodeResult extends AuthFlowResultBase {
|
|
8686
8898
|
/**
|
|
8687
|
-
*
|
|
8688
|
-
* @param
|
|
8689
|
-
* @returns
|
|
8899
|
+
* Creates a new instance of SignInSubmitCodeResult with error data.
|
|
8900
|
+
* @param error The error that occurred.
|
|
8901
|
+
* @returns {SignInSubmitCodeResult} A new instance of SignInSubmitCodeResult with the error set.
|
|
8690
8902
|
*/
|
|
8691
|
-
|
|
8903
|
+
static createWithError(error) {
|
|
8904
|
+
const result = new SignInSubmitCodeResult(new SignInFailedState());
|
|
8905
|
+
result.error = new SignInSubmitCodeError(SignInSubmitCodeResult.createErrorData(error));
|
|
8906
|
+
return result;
|
|
8907
|
+
}
|
|
8908
|
+
/**
|
|
8909
|
+
* Checks if the result is in a failed state.
|
|
8910
|
+
*/
|
|
8911
|
+
isFailed() {
|
|
8912
|
+
return this.state instanceof SignInFailedState;
|
|
8913
|
+
}
|
|
8914
|
+
/**
|
|
8915
|
+
* Checks if the result is in a completed state.
|
|
8916
|
+
*/
|
|
8917
|
+
isCompleted() {
|
|
8918
|
+
return this.state instanceof SignInCompletedState;
|
|
8919
|
+
}
|
|
8920
|
+
/**
|
|
8921
|
+
* Checks if the result requires authentication method registration.
|
|
8922
|
+
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
8923
|
+
*/
|
|
8924
|
+
isAuthMethodRegistrationRequired() {
|
|
8925
|
+
return this.state instanceof AuthMethodRegistrationRequiredState;
|
|
8926
|
+
}
|
|
8927
|
+
/**
|
|
8928
|
+
* Checks if the result requires MFA.
|
|
8929
|
+
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
8930
|
+
*/
|
|
8931
|
+
isMfaRequired() {
|
|
8932
|
+
return this.state instanceof MfaAwaitingState;
|
|
8933
|
+
}
|
|
8934
|
+
}
|
|
8935
|
+
|
|
8936
|
+
/*
|
|
8937
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
8938
|
+
* Licensed under the MIT License.
|
|
8939
|
+
*/
|
|
8940
|
+
const SIGN_IN_CODE_SEND_RESULT_TYPE = "SignInCodeSendResult";
|
|
8941
|
+
const SIGN_IN_PASSWORD_REQUIRED_RESULT_TYPE = "SignInPasswordRequiredResult";
|
|
8942
|
+
const SIGN_IN_COMPLETED_RESULT_TYPE = "SignInCompletedResult";
|
|
8943
|
+
const SIGN_IN_JIT_REQUIRED_RESULT_TYPE = "SignInJitRequiredResult";
|
|
8944
|
+
const SIGN_IN_MFA_REQUIRED_RESULT_TYPE = "SignInMfaRequiredResult";
|
|
8945
|
+
function createSignInCompleteResult(input) {
|
|
8946
|
+
return {
|
|
8947
|
+
type: SIGN_IN_COMPLETED_RESULT_TYPE,
|
|
8948
|
+
...input,
|
|
8949
|
+
};
|
|
8950
|
+
}
|
|
8951
|
+
function createSignInPasswordRequiredResult(input) {
|
|
8952
|
+
return {
|
|
8953
|
+
type: SIGN_IN_PASSWORD_REQUIRED_RESULT_TYPE,
|
|
8954
|
+
...input,
|
|
8955
|
+
};
|
|
8956
|
+
}
|
|
8957
|
+
function createSignInCodeSendResult(input) {
|
|
8958
|
+
return {
|
|
8959
|
+
type: SIGN_IN_CODE_SEND_RESULT_TYPE,
|
|
8960
|
+
...input,
|
|
8961
|
+
};
|
|
8962
|
+
}
|
|
8963
|
+
function createSignInJitRequiredResult(input) {
|
|
8964
|
+
return {
|
|
8965
|
+
type: SIGN_IN_JIT_REQUIRED_RESULT_TYPE,
|
|
8966
|
+
...input,
|
|
8967
|
+
};
|
|
8968
|
+
}
|
|
8969
|
+
function createSignInMfaRequiredResult(input) {
|
|
8970
|
+
return {
|
|
8971
|
+
type: SIGN_IN_MFA_REQUIRED_RESULT_TYPE,
|
|
8972
|
+
...input,
|
|
8973
|
+
};
|
|
8974
|
+
}
|
|
8975
|
+
|
|
8976
|
+
/*
|
|
8977
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
8978
|
+
* Licensed under the MIT License.
|
|
8979
|
+
*/
|
|
8980
|
+
/*
|
|
8981
|
+
* Base state handler for sign-in flow.
|
|
8982
|
+
*/
|
|
8983
|
+
class SignInState extends AuthFlowActionRequiredStateBase {
|
|
8984
|
+
/*
|
|
8985
|
+
* Creates a new SignInState.
|
|
8986
|
+
* @param stateParameters - The state parameters for sign-in.
|
|
8987
|
+
*/
|
|
8988
|
+
constructor(stateParameters) {
|
|
8989
|
+
super(stateParameters);
|
|
8990
|
+
ensureArgumentIsNotEmptyString("username", stateParameters.username, stateParameters.correlationId);
|
|
8991
|
+
ensureArgumentIsNotEmptyString("continuationToken", stateParameters.continuationToken, stateParameters.correlationId);
|
|
8992
|
+
}
|
|
8993
|
+
/**
|
|
8994
|
+
* Handles the result of a sign-in attempt.
|
|
8995
|
+
* @param result - The result of the sign-in attempt.
|
|
8996
|
+
* @param scopes - The scopes requested for the sign-in.
|
|
8997
|
+
* @returns An object containing the next state and account information, if applicable.
|
|
8998
|
+
*/
|
|
8999
|
+
handleSignInResult(result, scopes) {
|
|
9000
|
+
const correlationId = result.correlationId || this.stateParameters.correlationId;
|
|
9001
|
+
if (result.type === SIGN_IN_COMPLETED_RESULT_TYPE) {
|
|
9002
|
+
// Sign-in completed - return SignInCompletedState
|
|
9003
|
+
this.stateParameters.logger.verbose("Sign-in completed successfully.", correlationId);
|
|
9004
|
+
const accountInfo = new CustomAuthAccountData(result.authenticationResult.account, this.stateParameters.config, this.stateParameters.cacheClient, this.stateParameters.logger, correlationId);
|
|
9005
|
+
return {
|
|
9006
|
+
state: new SignInCompletedState(),
|
|
9007
|
+
accountInfo: accountInfo,
|
|
9008
|
+
};
|
|
9009
|
+
}
|
|
9010
|
+
else if (result.type === SIGN_IN_JIT_REQUIRED_RESULT_TYPE) {
|
|
9011
|
+
// JIT is required - return AuthMethodRegistrationRequiredState
|
|
9012
|
+
this.stateParameters.logger.verbose("Authentication method registration is required during sign-in.", correlationId);
|
|
9013
|
+
return {
|
|
9014
|
+
state: new AuthMethodRegistrationRequiredState({
|
|
9015
|
+
correlationId: correlationId,
|
|
9016
|
+
continuationToken: result.continuationToken,
|
|
9017
|
+
logger: this.stateParameters.logger,
|
|
9018
|
+
config: this.stateParameters.config,
|
|
9019
|
+
jitClient: this.stateParameters.jitClient,
|
|
9020
|
+
cacheClient: this.stateParameters.cacheClient,
|
|
9021
|
+
authMethods: result.authMethods,
|
|
9022
|
+
username: this.stateParameters.username,
|
|
9023
|
+
scopes: scopes ?? [],
|
|
9024
|
+
claims: this.stateParameters.claims,
|
|
9025
|
+
}),
|
|
9026
|
+
};
|
|
9027
|
+
}
|
|
9028
|
+
else if (result.type === SIGN_IN_MFA_REQUIRED_RESULT_TYPE) {
|
|
9029
|
+
// MFA is required - return MfaAwaitingState
|
|
9030
|
+
this.stateParameters.logger.verbose("MFA is required during the sign-in.", correlationId);
|
|
9031
|
+
return {
|
|
9032
|
+
state: new MfaAwaitingState({
|
|
9033
|
+
correlationId: correlationId,
|
|
9034
|
+
continuationToken: result.continuationToken,
|
|
9035
|
+
logger: this.stateParameters.logger,
|
|
9036
|
+
config: this.stateParameters.config,
|
|
9037
|
+
mfaClient: this.stateParameters.mfaClient,
|
|
9038
|
+
cacheClient: this.stateParameters.cacheClient,
|
|
9039
|
+
scopes: scopes ?? [],
|
|
9040
|
+
authMethods: result.authMethods ?? [],
|
|
9041
|
+
}),
|
|
9042
|
+
};
|
|
9043
|
+
}
|
|
9044
|
+
else {
|
|
9045
|
+
// Unexpected result type
|
|
9046
|
+
const unexpectedResult = result;
|
|
9047
|
+
const error = new Error(`Unexpected result type: ${unexpectedResult.type}`);
|
|
9048
|
+
return {
|
|
9049
|
+
state: new SignInFailedState(),
|
|
9050
|
+
error: error,
|
|
9051
|
+
};
|
|
9052
|
+
}
|
|
9053
|
+
}
|
|
9054
|
+
}
|
|
9055
|
+
|
|
9056
|
+
/*
|
|
9057
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
9058
|
+
* Licensed under the MIT License.
|
|
9059
|
+
*/
|
|
9060
|
+
/*
|
|
9061
|
+
* Sign-in code required state.
|
|
9062
|
+
*/
|
|
9063
|
+
class SignInCodeRequiredState extends SignInState {
|
|
9064
|
+
/**
|
|
9065
|
+
* Once user configures email one-time passcode as a authentication method in Microsoft Entra, a one-time passcode will be sent to the user’s email.
|
|
9066
|
+
* Submit this one-time passcode to continue sign-in flow.
|
|
9067
|
+
* @param {string} code - The code to submit.
|
|
9068
|
+
* @returns {Promise<SignInSubmitCodeResult>} The result of the operation.
|
|
9069
|
+
*/
|
|
9070
|
+
async submitCode(code) {
|
|
8692
9071
|
try {
|
|
8693
|
-
this.
|
|
8694
|
-
const
|
|
9072
|
+
this.ensureCodeIsValid(code, this.stateParameters.codeLength);
|
|
9073
|
+
const submitCodeParams = {
|
|
9074
|
+
clientId: this.stateParameters.config.auth.clientId,
|
|
8695
9075
|
correlationId: this.stateParameters.correlationId,
|
|
8696
|
-
|
|
8697
|
-
authMethod: authMethodDetails.authMethodType,
|
|
8698
|
-
verificationContact: authMethodDetails.verificationContact,
|
|
9076
|
+
challengeType: this.stateParameters.config.customAuth.challengeTypes ?? [],
|
|
8699
9077
|
scopes: this.stateParameters.scopes ?? [],
|
|
9078
|
+
continuationToken: this.stateParameters.continuationToken ?? "",
|
|
9079
|
+
code: code,
|
|
8700
9080
|
username: this.stateParameters.username,
|
|
8701
9081
|
claims: this.stateParameters.claims,
|
|
8702
9082
|
};
|
|
8703
|
-
|
|
8704
|
-
|
|
8705
|
-
|
|
8706
|
-
|
|
8707
|
-
|
|
8708
|
-
return
|
|
8709
|
-
correlationId: result.correlationId,
|
|
8710
|
-
continuationToken: result.continuationToken,
|
|
8711
|
-
config: this.stateParameters.config,
|
|
8712
|
-
logger: this.stateParameters.logger,
|
|
8713
|
-
jitClient: this.stateParameters.jitClient,
|
|
8714
|
-
cacheClient: this.stateParameters.cacheClient,
|
|
8715
|
-
challengeChannel: result.challengeChannel,
|
|
8716
|
-
challengeTargetLabel: result.challengeTargetLabel,
|
|
8717
|
-
codeLength: result.codeLength,
|
|
8718
|
-
scopes: this.stateParameters.scopes ?? [],
|
|
8719
|
-
username: this.stateParameters.username,
|
|
8720
|
-
claims: this.stateParameters.claims,
|
|
8721
|
-
}));
|
|
8722
|
-
}
|
|
8723
|
-
else if (result.type === JIT_COMPLETED_RESULT_TYPE) {
|
|
8724
|
-
// Registration completed (fast-pass scenario)
|
|
8725
|
-
this.stateParameters.logger.verbose("Auth method registration completed via fast-pass.", this.stateParameters.correlationId);
|
|
8726
|
-
const accountInfo = new CustomAuthAccountData(result.authenticationResult.account, this.stateParameters.config, this.stateParameters.cacheClient, this.stateParameters.logger, this.stateParameters.correlationId);
|
|
8727
|
-
return new AuthMethodRegistrationChallengeMethodResult(new AuthMethodRegistrationCompletedState(), accountInfo);
|
|
8728
|
-
}
|
|
8729
|
-
else {
|
|
8730
|
-
// Handle unexpected result type with proper typing
|
|
8731
|
-
this.stateParameters.logger.error("Unexpected result type from auth challenge method", this.stateParameters.correlationId);
|
|
8732
|
-
throw new UnexpectedError("Unexpected result type from auth challenge method");
|
|
9083
|
+
this.stateParameters.logger.verbose("Submitting code for sign-in.", this.stateParameters.correlationId);
|
|
9084
|
+
const submitCodeResult = await this.stateParameters.signInClient.submitCode(submitCodeParams);
|
|
9085
|
+
this.stateParameters.logger.verbose("Code submitted for sign-in.", this.stateParameters.correlationId);
|
|
9086
|
+
const nextState = this.handleSignInResult(submitCodeResult, this.stateParameters.scopes);
|
|
9087
|
+
if (nextState.error) {
|
|
9088
|
+
return SignInSubmitCodeResult.createWithError(nextState.error);
|
|
8733
9089
|
}
|
|
9090
|
+
return new SignInSubmitCodeResult(nextState.state, nextState.accountInfo);
|
|
8734
9091
|
}
|
|
8735
9092
|
catch (error) {
|
|
8736
|
-
this.stateParameters.logger.
|
|
8737
|
-
return
|
|
9093
|
+
this.stateParameters.logger.errorPii(`Failed to submit code for sign-in. Error: ${error}.`, this.stateParameters.correlationId);
|
|
9094
|
+
return SignInSubmitCodeResult.createWithError(error);
|
|
8738
9095
|
}
|
|
8739
9096
|
}
|
|
8740
|
-
}
|
|
8741
|
-
/**
|
|
8742
|
-
* State indicating that authentication method registration is required.
|
|
8743
|
-
*/
|
|
8744
|
-
class AuthMethodRegistrationRequiredState extends AuthMethodRegistrationState {
|
|
8745
|
-
/**
|
|
8746
|
-
* Gets the available authentication methods for registration.
|
|
8747
|
-
* @returns Array of available authentication methods.
|
|
8748
|
-
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
8749
|
-
*/
|
|
8750
|
-
getAuthMethods() {
|
|
8751
|
-
return this.stateParameters.authMethods;
|
|
8752
|
-
}
|
|
8753
|
-
/**
|
|
8754
|
-
* Challenges an authentication method for registration.
|
|
8755
|
-
* @param authMethodDetails The authentication method details to challenge.
|
|
8756
|
-
* @returns Promise that resolves to AuthMethodRegistrationChallengeMethodResult.
|
|
8757
|
-
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
8758
|
-
*/
|
|
8759
|
-
async challengeAuthMethod(authMethodDetails) {
|
|
8760
|
-
return this.challengeAuthMethodInternal(authMethodDetails);
|
|
8761
|
-
}
|
|
8762
|
-
}
|
|
8763
|
-
/**
|
|
8764
|
-
* State indicating that verification is required for the challenged authentication method.
|
|
8765
|
-
*/
|
|
8766
|
-
class AuthMethodVerificationRequiredState extends AuthMethodRegistrationState {
|
|
8767
|
-
/**
|
|
8768
|
-
* Gets the length of the expected verification code.
|
|
8769
|
-
* @returns The code length.
|
|
8770
|
-
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
8771
|
-
*/
|
|
8772
|
-
getCodeLength() {
|
|
8773
|
-
return this.stateParameters.codeLength;
|
|
8774
|
-
}
|
|
8775
|
-
/**
|
|
8776
|
-
* Gets the channel through which the challenge was sent.
|
|
8777
|
-
* @returns The challenge channel (e.g., "email").
|
|
8778
|
-
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
8779
|
-
*/
|
|
8780
|
-
getChannel() {
|
|
8781
|
-
return this.stateParameters.challengeChannel;
|
|
8782
|
-
}
|
|
8783
|
-
/**
|
|
8784
|
-
* Gets the target label indicating where the challenge was sent.
|
|
8785
|
-
* @returns The challenge target label (e.g., masked email address).
|
|
8786
|
-
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
8787
|
-
*/
|
|
8788
|
-
getSentTo() {
|
|
8789
|
-
return this.stateParameters.challengeTargetLabel;
|
|
8790
|
-
}
|
|
8791
9097
|
/**
|
|
8792
|
-
*
|
|
8793
|
-
* @
|
|
8794
|
-
* @returns Promise that resolves to AuthMethodRegistrationSubmitChallengeResult.
|
|
8795
|
-
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
9098
|
+
* Resends the another one-time passcode for sign-in flow if the previous one hasn't been verified.
|
|
9099
|
+
* @returns {Promise<SignInResendCodeResult>} The result of the operation.
|
|
8796
9100
|
*/
|
|
8797
|
-
async
|
|
9101
|
+
async resendCode() {
|
|
8798
9102
|
try {
|
|
8799
|
-
|
|
8800
|
-
|
|
8801
|
-
const submitParams = {
|
|
9103
|
+
const submitCodeParams = {
|
|
9104
|
+
clientId: this.stateParameters.config.auth.clientId,
|
|
8802
9105
|
correlationId: this.stateParameters.correlationId,
|
|
9106
|
+
challengeType: this.stateParameters.config.customAuth.challengeTypes ?? [],
|
|
8803
9107
|
continuationToken: this.stateParameters.continuationToken ?? "",
|
|
8804
|
-
scopes: this.stateParameters.scopes ?? [],
|
|
8805
|
-
grantType: GrantType.OOB,
|
|
8806
|
-
challenge: code,
|
|
8807
9108
|
username: this.stateParameters.username,
|
|
8808
|
-
claims: this.stateParameters.claims,
|
|
8809
9109
|
};
|
|
8810
|
-
|
|
8811
|
-
|
|
8812
|
-
|
|
8813
|
-
return new
|
|
9110
|
+
this.stateParameters.logger.verbose("Resending code for sign-in.", this.stateParameters.correlationId);
|
|
9111
|
+
const result = await this.stateParameters.signInClient.resendCode(submitCodeParams);
|
|
9112
|
+
this.stateParameters.logger.verbose("Code resent for sign-in.", this.stateParameters.correlationId);
|
|
9113
|
+
return new SignInResendCodeResult(new SignInCodeRequiredState({
|
|
9114
|
+
correlationId: result.correlationId,
|
|
9115
|
+
continuationToken: result.continuationToken,
|
|
9116
|
+
logger: this.stateParameters.logger,
|
|
9117
|
+
config: this.stateParameters.config,
|
|
9118
|
+
signInClient: this.stateParameters.signInClient,
|
|
9119
|
+
cacheClient: this.stateParameters.cacheClient,
|
|
9120
|
+
jitClient: this.stateParameters.jitClient,
|
|
9121
|
+
mfaClient: this.stateParameters.mfaClient,
|
|
9122
|
+
username: this.stateParameters.username,
|
|
9123
|
+
codeLength: result.codeLength,
|
|
9124
|
+
scopes: this.stateParameters.scopes,
|
|
9125
|
+
}));
|
|
8814
9126
|
}
|
|
8815
9127
|
catch (error) {
|
|
8816
|
-
|
|
8817
|
-
return AuthMethodRegistrationSubmitChallengeResult.createWithError(error);
|
|
9128
|
+
return SignInResendCodeResult.createWithError(error);
|
|
8818
9129
|
}
|
|
8819
9130
|
}
|
|
8820
9131
|
/**
|
|
8821
|
-
*
|
|
8822
|
-
* @
|
|
8823
|
-
* @returns Promise that resolves to AuthMethodRegistrationChallengeMethodResult.
|
|
8824
|
-
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
9132
|
+
* Gets the sent code length.
|
|
9133
|
+
* @returns {number} The length of the code.
|
|
8825
9134
|
*/
|
|
8826
|
-
|
|
8827
|
-
return this.
|
|
9135
|
+
getCodeLength() {
|
|
9136
|
+
return this.stateParameters.codeLength;
|
|
9137
|
+
}
|
|
9138
|
+
/**
|
|
9139
|
+
* Gets the scopes to request.
|
|
9140
|
+
* @returns {string[] | undefined} The scopes to request.
|
|
9141
|
+
*/
|
|
9142
|
+
getScopes() {
|
|
9143
|
+
return this.stateParameters.scopes;
|
|
8828
9144
|
}
|
|
8829
9145
|
}
|
|
8830
9146
|
|
|
@@ -8860,6 +9176,13 @@ class SignInSubmitPasswordResult extends AuthFlowResultBase {
|
|
|
8860
9176
|
isAuthMethodRegistrationRequired() {
|
|
8861
9177
|
return this.state instanceof AuthMethodRegistrationRequiredState;
|
|
8862
9178
|
}
|
|
9179
|
+
/**
|
|
9180
|
+
* Checks if the result requires MFA.
|
|
9181
|
+
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
9182
|
+
*/
|
|
9183
|
+
isMfaRequired() {
|
|
9184
|
+
return this.state instanceof MfaAwaitingState;
|
|
9185
|
+
}
|
|
8863
9186
|
}
|
|
8864
9187
|
|
|
8865
9188
|
/*
|
|
@@ -8891,32 +9214,11 @@ class SignInPasswordRequiredState extends SignInState {
|
|
|
8891
9214
|
this.stateParameters.logger.verbose("Submitting password for sign-in.", this.stateParameters.correlationId);
|
|
8892
9215
|
const submitPasswordResult = await this.stateParameters.signInClient.submitPassword(submitPasswordParams);
|
|
8893
9216
|
this.stateParameters.logger.verbose("Password submitted for sign-in.", this.stateParameters.correlationId);
|
|
8894
|
-
|
|
8895
|
-
|
|
8896
|
-
return
|
|
8897
|
-
}
|
|
8898
|
-
else if (submitPasswordResult.type === SIGN_IN_JIT_REQUIRED_RESULT_TYPE) {
|
|
8899
|
-
// JIT is required - return AuthMethodRegistrationRequiredState
|
|
8900
|
-
this.stateParameters.logger.verbose("Authentication method registration required after password submission.", this.stateParameters.correlationId);
|
|
8901
|
-
return new SignInSubmitPasswordResult(new AuthMethodRegistrationRequiredState({
|
|
8902
|
-
correlationId: this.stateParameters.correlationId,
|
|
8903
|
-
continuationToken: submitPasswordResult.continuationToken,
|
|
8904
|
-
logger: this.stateParameters.logger,
|
|
8905
|
-
config: this.stateParameters.config,
|
|
8906
|
-
jitClient: this.stateParameters.jitClient,
|
|
8907
|
-
cacheClient: this.stateParameters.cacheClient,
|
|
8908
|
-
authMethods: submitPasswordResult.authMethods,
|
|
8909
|
-
username: this.stateParameters.username,
|
|
8910
|
-
scopes: this.stateParameters.scopes ?? [],
|
|
8911
|
-
claims: this.stateParameters.claims,
|
|
8912
|
-
}));
|
|
8913
|
-
}
|
|
8914
|
-
else {
|
|
8915
|
-
// Unexpected result type
|
|
8916
|
-
const result = submitPasswordResult;
|
|
8917
|
-
const error = new Error(`Unexpected result type: ${result.type}`);
|
|
8918
|
-
return SignInSubmitPasswordResult.createWithError(error);
|
|
9217
|
+
const nextState = this.handleSignInResult(submitPasswordResult, this.stateParameters.scopes);
|
|
9218
|
+
if (nextState.error) {
|
|
9219
|
+
return SignInSubmitPasswordResult.createWithError(nextState.error);
|
|
8919
9220
|
}
|
|
9221
|
+
return new SignInSubmitPasswordResult(nextState.state, nextState.accountInfo);
|
|
8920
9222
|
}
|
|
8921
9223
|
catch (error) {
|
|
8922
9224
|
this.stateParameters.logger.errorPii(`Failed to sign in after submitting password. Error: ${error}.`, this.stateParameters.correlationId);
|
|
@@ -8988,6 +9290,13 @@ class SignInResult extends AuthFlowResultBase {
|
|
|
8988
9290
|
isAuthMethodRegistrationRequired() {
|
|
8989
9291
|
return this.state instanceof AuthMethodRegistrationRequiredState;
|
|
8990
9292
|
}
|
|
9293
|
+
/**
|
|
9294
|
+
* Checks if the result requires MFA.
|
|
9295
|
+
* @warning This API is experimental. It may be changed in the future without notice. Do not use in production applications.
|
|
9296
|
+
*/
|
|
9297
|
+
isMfaRequired() {
|
|
9298
|
+
return this.state instanceof MfaAwaitingState;
|
|
9299
|
+
}
|
|
8991
9300
|
}
|
|
8992
9301
|
|
|
8993
9302
|
/*
|
|
@@ -9139,35 +9448,11 @@ class SignInContinuationState extends SignInState {
|
|
|
9139
9448
|
this.stateParameters.logger.verbose("Signing in with continuation token.", this.stateParameters.correlationId);
|
|
9140
9449
|
const signInResult = await this.stateParameters.signInClient.signInWithContinuationToken(continuationTokenParams);
|
|
9141
9450
|
this.stateParameters.logger.verbose("Signed in with continuation token.", this.stateParameters.correlationId);
|
|
9142
|
-
|
|
9143
|
-
|
|
9144
|
-
|
|
9145
|
-
return new SignInResult(new SignInCompletedState(), accountInfo);
|
|
9146
|
-
}
|
|
9147
|
-
else if (signInResult.type === SIGN_IN_JIT_REQUIRED_RESULT_TYPE) {
|
|
9148
|
-
// JIT is required
|
|
9149
|
-
this.stateParameters.logger.warning("Auth method registration required during continuation token sign-in.", this.stateParameters.correlationId);
|
|
9150
|
-
// Return AuthMethodRegistrationRequiredState to handle JIT scenario
|
|
9151
|
-
const authMethodRegistrationState = new AuthMethodRegistrationRequiredState({
|
|
9152
|
-
correlationId: this.stateParameters.correlationId,
|
|
9153
|
-
continuationToken: signInResult.continuationToken,
|
|
9154
|
-
logger: this.stateParameters.logger,
|
|
9155
|
-
config: this.stateParameters.config,
|
|
9156
|
-
jitClient: this.stateParameters.jitClient,
|
|
9157
|
-
cacheClient: this.stateParameters.cacheClient,
|
|
9158
|
-
authMethods: signInResult.authMethods,
|
|
9159
|
-
username: this.stateParameters.username,
|
|
9160
|
-
scopes: signInWithContinuationTokenInputs?.scopes ?? [],
|
|
9161
|
-
claims: this.stateParameters.claims,
|
|
9162
|
-
});
|
|
9163
|
-
return new SignInResult(authMethodRegistrationState);
|
|
9164
|
-
}
|
|
9165
|
-
else {
|
|
9166
|
-
// Unexpected result type
|
|
9167
|
-
const result = signInResult;
|
|
9168
|
-
const error = new Error(`Unexpected result type: ${result.type}`);
|
|
9169
|
-
return SignInResult.createWithError(error);
|
|
9451
|
+
const nextState = this.handleSignInResult(signInResult, signInWithContinuationTokenInputs?.scopes);
|
|
9452
|
+
if (nextState.error) {
|
|
9453
|
+
return SignInResult.createWithError(nextState.error);
|
|
9170
9454
|
}
|
|
9455
|
+
return new SignInResult(nextState.state, nextState.accountInfo);
|
|
9171
9456
|
}
|
|
9172
9457
|
catch (error) {
|
|
9173
9458
|
this.stateParameters.logger.errorPii(`Failed to sign in with continuation token. Error: ${error}.`, this.stateParameters.correlationId);
|
|
@@ -9306,6 +9591,7 @@ class SignUpAttributesRequiredState extends SignUpState {
|
|
|
9306
9591
|
signInClient: this.stateParameters.signInClient,
|
|
9307
9592
|
cacheClient: this.stateParameters.cacheClient,
|
|
9308
9593
|
jitClient: this.stateParameters.jitClient,
|
|
9594
|
+
mfaClient: this.stateParameters.mfaClient,
|
|
9309
9595
|
username: this.stateParameters.username,
|
|
9310
9596
|
signInScenario: SignInScenario.SignInAfterSignUp,
|
|
9311
9597
|
}));
|
|
@@ -9453,6 +9739,7 @@ class SignUpPasswordRequiredState extends SignUpState {
|
|
|
9453
9739
|
signUpClient: this.stateParameters.signUpClient,
|
|
9454
9740
|
cacheClient: this.stateParameters.cacheClient,
|
|
9455
9741
|
jitClient: this.stateParameters.jitClient,
|
|
9742
|
+
mfaClient: this.stateParameters.mfaClient,
|
|
9456
9743
|
username: this.stateParameters.username,
|
|
9457
9744
|
requiredAttributes: result.requiredAttributes,
|
|
9458
9745
|
}));
|
|
@@ -9468,6 +9755,7 @@ class SignUpPasswordRequiredState extends SignUpState {
|
|
|
9468
9755
|
signInClient: this.stateParameters.signInClient,
|
|
9469
9756
|
cacheClient: this.stateParameters.cacheClient,
|
|
9470
9757
|
jitClient: this.stateParameters.jitClient,
|
|
9758
|
+
mfaClient: this.stateParameters.mfaClient,
|
|
9471
9759
|
username: this.stateParameters.username,
|
|
9472
9760
|
signInScenario: SignInScenario.SignInAfterSignUp,
|
|
9473
9761
|
}));
|
|
@@ -9570,6 +9858,7 @@ class SignUpCodeRequiredState extends SignUpState {
|
|
|
9570
9858
|
signUpClient: this.stateParameters.signUpClient,
|
|
9571
9859
|
cacheClient: this.stateParameters.cacheClient,
|
|
9572
9860
|
jitClient: this.stateParameters.jitClient,
|
|
9861
|
+
mfaClient: this.stateParameters.mfaClient,
|
|
9573
9862
|
username: this.stateParameters.username,
|
|
9574
9863
|
}));
|
|
9575
9864
|
}
|
|
@@ -9585,6 +9874,7 @@ class SignUpCodeRequiredState extends SignUpState {
|
|
|
9585
9874
|
signUpClient: this.stateParameters.signUpClient,
|
|
9586
9875
|
cacheClient: this.stateParameters.cacheClient,
|
|
9587
9876
|
jitClient: this.stateParameters.jitClient,
|
|
9877
|
+
mfaClient: this.stateParameters.mfaClient,
|
|
9588
9878
|
username: this.stateParameters.username,
|
|
9589
9879
|
requiredAttributes: result.requiredAttributes,
|
|
9590
9880
|
}));
|
|
@@ -9600,6 +9890,7 @@ class SignUpCodeRequiredState extends SignUpState {
|
|
|
9600
9890
|
signInClient: this.stateParameters.signInClient,
|
|
9601
9891
|
cacheClient: this.stateParameters.cacheClient,
|
|
9602
9892
|
jitClient: this.stateParameters.jitClient,
|
|
9893
|
+
mfaClient: this.stateParameters.mfaClient,
|
|
9603
9894
|
username: this.stateParameters.username,
|
|
9604
9895
|
signInScenario: SignInScenario.SignInAfterSignUp,
|
|
9605
9896
|
}));
|
|
@@ -9635,6 +9926,7 @@ class SignUpCodeRequiredState extends SignUpState {
|
|
|
9635
9926
|
signUpClient: this.stateParameters.signUpClient,
|
|
9636
9927
|
cacheClient: this.stateParameters.cacheClient,
|
|
9637
9928
|
jitClient: this.stateParameters.jitClient,
|
|
9929
|
+
mfaClient: this.stateParameters.mfaClient,
|
|
9638
9930
|
username: this.stateParameters.username,
|
|
9639
9931
|
codeLength: result.codeLength,
|
|
9640
9932
|
codeResendInterval: result.interval,
|
|
@@ -11091,7 +11383,10 @@ const PASSWORD_RESET_RESEND_CODE = 100044;
|
|
|
11091
11383
|
const ACCOUNT_GET_ACCESS_TOKEN = 100063;
|
|
11092
11384
|
// JIT (Just-In-Time) Auth Method Registration
|
|
11093
11385
|
const JIT_CHALLENGE_AUTH_METHOD = 100081;
|
|
11094
|
-
const JIT_SUBMIT_CHALLENGE = 100082;
|
|
11386
|
+
const JIT_SUBMIT_CHALLENGE = 100082;
|
|
11387
|
+
// MFA
|
|
11388
|
+
const MFA_REQUEST_CHALLENGE = 100101;
|
|
11389
|
+
const MFA_SUBMIT_CHALLENGE = 100102;
|
|
11095
11390
|
|
|
11096
11391
|
/*
|
|
11097
11392
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -11530,6 +11825,7 @@ class ResetPasswordPasswordRequiredState extends ResetPasswordState {
|
|
|
11530
11825
|
signInClient: this.stateParameters.signInClient,
|
|
11531
11826
|
cacheClient: this.stateParameters.cacheClient,
|
|
11532
11827
|
jitClient: this.stateParameters.jitClient,
|
|
11828
|
+
mfaClient: this.stateParameters.mfaClient,
|
|
11533
11829
|
signInScenario: SignInScenario.SignInAfterPasswordReset,
|
|
11534
11830
|
}));
|
|
11535
11831
|
}
|
|
@@ -11615,6 +11911,7 @@ class ResetPasswordCodeRequiredState extends ResetPasswordState {
|
|
|
11615
11911
|
signInClient: this.stateParameters.signInClient,
|
|
11616
11912
|
cacheClient: this.stateParameters.cacheClient,
|
|
11617
11913
|
jitClient: this.stateParameters.jitClient,
|
|
11914
|
+
mfaClient: this.stateParameters.mfaClient,
|
|
11618
11915
|
username: this.stateParameters.username,
|
|
11619
11916
|
}));
|
|
11620
11917
|
}
|
|
@@ -11648,6 +11945,7 @@ class ResetPasswordCodeRequiredState extends ResetPasswordState {
|
|
|
11648
11945
|
signInClient: this.stateParameters.signInClient,
|
|
11649
11946
|
cacheClient: this.stateParameters.cacheClient,
|
|
11650
11947
|
jitClient: this.stateParameters.jitClient,
|
|
11948
|
+
mfaClient: this.stateParameters.mfaClient,
|
|
11651
11949
|
username: this.stateParameters.username,
|
|
11652
11950
|
codeLength: result.codeLength,
|
|
11653
11951
|
}));
|
|
@@ -12503,7 +12801,7 @@ class CustomAuthApiClient {
|
|
|
12503
12801
|
this.signInApi = new SignInApiClient(customAuthApiBaseUrl, clientId, httpClient, capabilities, customAuthApiQueryParams);
|
|
12504
12802
|
this.signUpApi = new SignupApiClient(customAuthApiBaseUrl, clientId, httpClient, capabilities, customAuthApiQueryParams);
|
|
12505
12803
|
this.resetPasswordApi = new ResetPasswordApiClient(customAuthApiBaseUrl, clientId, httpClient, capabilities, customAuthApiQueryParams);
|
|
12506
|
-
this.registerApi = new RegisterApiClient(customAuthApiBaseUrl, clientId, httpClient);
|
|
12804
|
+
this.registerApi = new RegisterApiClient(customAuthApiBaseUrl, clientId, httpClient, customAuthApiQueryParams);
|
|
12507
12805
|
}
|
|
12508
12806
|
}
|
|
12509
12807
|
|
|
@@ -12821,6 +13119,99 @@ class JitClient extends CustomAuthInteractionClientBase {
|
|
|
12821
13119
|
}
|
|
12822
13120
|
}
|
|
12823
13121
|
|
|
13122
|
+
/*
|
|
13123
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
13124
|
+
* Licensed under the MIT License.
|
|
13125
|
+
*/
|
|
13126
|
+
// Result type constants
|
|
13127
|
+
const MFA_VERIFICATION_REQUIRED_RESULT_TYPE = "MfaVerificationRequiredResult";
|
|
13128
|
+
const MFA_COMPLETED_RESULT_TYPE = "MfaCompletedResult";
|
|
13129
|
+
function createMfaVerificationRequiredResult(input) {
|
|
13130
|
+
return {
|
|
13131
|
+
type: MFA_VERIFICATION_REQUIRED_RESULT_TYPE,
|
|
13132
|
+
...input,
|
|
13133
|
+
};
|
|
13134
|
+
}
|
|
13135
|
+
function createMfaCompletedResult(input) {
|
|
13136
|
+
return {
|
|
13137
|
+
type: MFA_COMPLETED_RESULT_TYPE,
|
|
13138
|
+
...input,
|
|
13139
|
+
};
|
|
13140
|
+
}
|
|
13141
|
+
|
|
13142
|
+
/*
|
|
13143
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
13144
|
+
* Licensed under the MIT License.
|
|
13145
|
+
*/
|
|
13146
|
+
/**
|
|
13147
|
+
* MFA client for handling multi-factor authentication flows.
|
|
13148
|
+
*/
|
|
13149
|
+
class MfaClient extends CustomAuthInteractionClientBase {
|
|
13150
|
+
/**
|
|
13151
|
+
* Requests an MFA challenge to be sent to the user.
|
|
13152
|
+
* @param parameters The parameters for requesting the challenge.
|
|
13153
|
+
* @returns Promise that resolves to either MfaVerificationRequiredResult.
|
|
13154
|
+
*/
|
|
13155
|
+
async requestChallenge(parameters) {
|
|
13156
|
+
const apiId = MFA_REQUEST_CHALLENGE;
|
|
13157
|
+
const telemetryManager = this.initializeServerTelemetryManager(apiId);
|
|
13158
|
+
this.logger.verbose("Calling challenge endpoint for MFA.", parameters.correlationId);
|
|
13159
|
+
const challengeReq = {
|
|
13160
|
+
challenge_type: this.getChallengeTypes(parameters.challengeType),
|
|
13161
|
+
continuation_token: parameters.continuationToken,
|
|
13162
|
+
id: parameters.authMethodId,
|
|
13163
|
+
correlationId: parameters.correlationId,
|
|
13164
|
+
telemetryManager: telemetryManager,
|
|
13165
|
+
};
|
|
13166
|
+
const challengeResponse = await this.customAuthApiClient.signInApi.requestChallenge(challengeReq);
|
|
13167
|
+
this.logger.verbose("Challenge endpoint called for MFA.", parameters.correlationId);
|
|
13168
|
+
if (challengeResponse.challenge_type === ChallengeType.OOB) {
|
|
13169
|
+
// Verification required - code will be sent
|
|
13170
|
+
return createMfaVerificationRequiredResult({
|
|
13171
|
+
correlationId: challengeResponse.correlation_id,
|
|
13172
|
+
continuationToken: challengeResponse.continuation_token ?? "",
|
|
13173
|
+
challengeChannel: challengeResponse.challenge_channel ?? "",
|
|
13174
|
+
challengeTargetLabel: challengeResponse.challenge_target_label ?? "",
|
|
13175
|
+
codeLength: challengeResponse.code_length ??
|
|
13176
|
+
DefaultCustomAuthApiCodeLength,
|
|
13177
|
+
bindingMethod: challengeResponse.binding_method ?? "",
|
|
13178
|
+
});
|
|
13179
|
+
}
|
|
13180
|
+
this.logger.error(`Unsupported challenge type '${challengeResponse.challenge_type}' for MFA.`, parameters.correlationId);
|
|
13181
|
+
throw new CustomAuthApiError(UNSUPPORTED_CHALLENGE_TYPE, `Unsupported challenge type '${challengeResponse.challenge_type}'.`, challengeResponse.correlation_id);
|
|
13182
|
+
}
|
|
13183
|
+
/**
|
|
13184
|
+
* Submits the MFA challenge response (e.g., OTP code).
|
|
13185
|
+
* @param parameters The parameters for submitting the challenge.
|
|
13186
|
+
* @returns Promise that resolves to MfaCompletedResult.
|
|
13187
|
+
*/
|
|
13188
|
+
async submitChallenge(parameters) {
|
|
13189
|
+
ensureArgumentIsNotEmptyString("parameters.challenge", parameters.challenge, parameters.correlationId);
|
|
13190
|
+
const apiId = MFA_SUBMIT_CHALLENGE;
|
|
13191
|
+
const telemetryManager = this.initializeServerTelemetryManager(apiId);
|
|
13192
|
+
const scopes = this.getScopes(parameters.scopes);
|
|
13193
|
+
const request = {
|
|
13194
|
+
continuation_token: parameters.continuationToken,
|
|
13195
|
+
oob: parameters.challenge,
|
|
13196
|
+
grant_type: GrantType.MFA_OOB,
|
|
13197
|
+
scope: scopes.join(" "),
|
|
13198
|
+
correlationId: parameters.correlationId,
|
|
13199
|
+
telemetryManager: telemetryManager,
|
|
13200
|
+
...(parameters.claims && {
|
|
13201
|
+
claims: parameters.claims,
|
|
13202
|
+
}),
|
|
13203
|
+
};
|
|
13204
|
+
this.logger.verbose("Calling token endpoint for MFA challenge submission.", parameters.correlationId);
|
|
13205
|
+
const tokenResponse = await this.customAuthApiClient.signInApi.requestTokensWithOob(request);
|
|
13206
|
+
// Save tokens and create authentication result
|
|
13207
|
+
const result = await this.handleTokenResponse(tokenResponse, scopes, tokenResponse.correlation_id ?? parameters.correlationId);
|
|
13208
|
+
return createMfaCompletedResult({
|
|
13209
|
+
correlationId: parameters.correlationId,
|
|
13210
|
+
authenticationResult: result,
|
|
13211
|
+
});
|
|
13212
|
+
}
|
|
13213
|
+
}
|
|
13214
|
+
|
|
12824
13215
|
/*
|
|
12825
13216
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
12826
13217
|
* Licensed under the MIT License.
|
|
@@ -12848,38 +13239,40 @@ class CustomAuthSilentCacheClient extends CustomAuthInteractionClientBase {
|
|
|
12848
13239
|
* @returns {Promise<AuthenticationResult>} The promise that resolves to an AuthenticationResult.
|
|
12849
13240
|
*/
|
|
12850
13241
|
async acquireToken(silentRequest) {
|
|
13242
|
+
const correlationId = silentRequest.correlationId || this.correlationId;
|
|
12851
13243
|
const telemetryManager = this.initializeServerTelemetryManager(ACCOUNT_GET_ACCESS_TOKEN);
|
|
12852
|
-
const clientConfig = this.getCustomAuthClientConfiguration(telemetryManager, this.customAuthAuthority);
|
|
13244
|
+
const clientConfig = this.getCustomAuthClientConfiguration(telemetryManager, this.customAuthAuthority, correlationId);
|
|
12853
13245
|
const silentFlowClient = new SilentFlowClient(clientConfig, this.performanceClient);
|
|
12854
13246
|
try {
|
|
12855
|
-
this.logger.verbose("Starting silent flow to acquire token from cache",
|
|
13247
|
+
this.logger.verbose("Starting silent flow to acquire token from cache", correlationId);
|
|
12856
13248
|
const result = await silentFlowClient.acquireCachedToken(silentRequest);
|
|
12857
|
-
this.logger.verbose("Silent flow to acquire token from cache is completed and token is found",
|
|
13249
|
+
this.logger.verbose("Silent flow to acquire token from cache is completed and token is found", correlationId);
|
|
12858
13250
|
return result[0];
|
|
12859
13251
|
}
|
|
12860
13252
|
catch (error) {
|
|
12861
13253
|
if (error instanceof ClientAuthError &&
|
|
12862
13254
|
error.errorCode === tokenRefreshRequired) {
|
|
12863
|
-
this.logger.verbose("Token refresh is required to acquire token silently",
|
|
13255
|
+
this.logger.verbose("Token refresh is required to acquire token silently", correlationId);
|
|
12864
13256
|
const refreshTokenClient = new RefreshTokenClient(clientConfig, this.performanceClient);
|
|
12865
|
-
this.logger.verbose("Starting refresh flow to refresh token",
|
|
13257
|
+
this.logger.verbose("Starting refresh flow to refresh token", correlationId);
|
|
12866
13258
|
const refreshTokenResult = await refreshTokenClient.acquireTokenByRefreshToken(silentRequest);
|
|
12867
|
-
this.logger.verbose("Refresh flow to refresh token is completed",
|
|
13259
|
+
this.logger.verbose("Refresh flow to refresh token is completed", correlationId);
|
|
12868
13260
|
return refreshTokenResult;
|
|
12869
13261
|
}
|
|
12870
13262
|
throw error;
|
|
12871
13263
|
}
|
|
12872
13264
|
}
|
|
12873
13265
|
async logout(logoutRequest) {
|
|
13266
|
+
const correlationId = logoutRequest?.correlationId || this.correlationId;
|
|
12874
13267
|
const validLogoutRequest = this.initializeLogoutRequest(logoutRequest);
|
|
12875
13268
|
// Clear the cache
|
|
12876
|
-
this.logger.verbose("Start to clear the cache",
|
|
12877
|
-
await this.clearCacheOnLogout(
|
|
12878
|
-
this.logger.verbose("Cache cleared",
|
|
13269
|
+
this.logger.verbose("Start to clear the cache", correlationId);
|
|
13270
|
+
await this.clearCacheOnLogout(correlationId, validLogoutRequest?.account);
|
|
13271
|
+
this.logger.verbose("Cache cleared", correlationId);
|
|
12879
13272
|
const postLogoutRedirectUri = this.config.auth.postLogoutRedirectUri;
|
|
12880
13273
|
if (postLogoutRedirectUri) {
|
|
12881
13274
|
const absoluteRedirectUri = UrlString.getAbsoluteUrl(postLogoutRedirectUri, getCurrentUri());
|
|
12882
|
-
this.logger.verbose("Post logout redirect uri is set, redirecting to uri",
|
|
13275
|
+
this.logger.verbose("Post logout redirect uri is set, redirecting to uri", correlationId);
|
|
12883
13276
|
// Redirect to post logout redirect uri
|
|
12884
13277
|
await this.navigationClient.navigateExternal(absoluteRedirectUri, {
|
|
12885
13278
|
apiId: ApiId.logout,
|
|
@@ -12906,7 +13299,7 @@ class CustomAuthSilentCacheClient extends CustomAuthInteractionClientBase {
|
|
|
12906
13299
|
}
|
|
12907
13300
|
return account;
|
|
12908
13301
|
}
|
|
12909
|
-
getCustomAuthClientConfiguration(serverTelemetryManager, customAuthAuthority) {
|
|
13302
|
+
getCustomAuthClientConfiguration(serverTelemetryManager, customAuthAuthority, correlationId) {
|
|
12910
13303
|
const logger = this.config.system.loggerOptions;
|
|
12911
13304
|
return {
|
|
12912
13305
|
authOptions: {
|
|
@@ -12923,7 +13316,7 @@ class CustomAuthSilentCacheClient extends CustomAuthInteractionClientBase {
|
|
|
12923
13316
|
loggerCallback: logger.loggerCallback,
|
|
12924
13317
|
piiLoggingEnabled: logger.piiLoggingEnabled,
|
|
12925
13318
|
logLevel: logger.logLevel,
|
|
12926
|
-
correlationId:
|
|
13319
|
+
correlationId: correlationId,
|
|
12927
13320
|
},
|
|
12928
13321
|
cacheOptions: {
|
|
12929
13322
|
claimsBasedCachingEnabled: this.config.cache.claimsBasedCachingEnabled,
|
|
@@ -15570,6 +15963,7 @@ class InteractionHandler {
|
|
|
15570
15963
|
* Licensed under the MIT License.
|
|
15571
15964
|
*/
|
|
15572
15965
|
const contentError = "ContentError";
|
|
15966
|
+
const pageException = "PageException";
|
|
15573
15967
|
const userSwitch = "user_switch";
|
|
15574
15968
|
|
|
15575
15969
|
/*
|
|
@@ -15616,6 +16010,7 @@ function isFatalNativeAuthError(error) {
|
|
|
15616
16010
|
}
|
|
15617
16011
|
switch (error.errorCode) {
|
|
15618
16012
|
case contentError:
|
|
16013
|
+
case pageException:
|
|
15619
16014
|
return true;
|
|
15620
16015
|
default:
|
|
15621
16016
|
return false;
|
|
@@ -16275,6 +16670,7 @@ class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
|
16275
16670
|
case PromptValue.NONE:
|
|
16276
16671
|
case PromptValue.CONSENT:
|
|
16277
16672
|
case PromptValue.LOGIN:
|
|
16673
|
+
case PromptValue.SELECT_ACCOUNT:
|
|
16278
16674
|
this.logger.trace("initializeNativeRequest: prompt is compatible with native flow");
|
|
16279
16675
|
return prompt;
|
|
16280
16676
|
default:
|
|
@@ -19877,6 +20273,7 @@ class StandardController {
|
|
|
19877
20273
|
case PromptValue.NONE:
|
|
19878
20274
|
case PromptValue.CONSENT:
|
|
19879
20275
|
case PromptValue.LOGIN:
|
|
20276
|
+
case PromptValue.SELECT_ACCOUNT:
|
|
19880
20277
|
this.logger.trace("canUsePlatformBroker: prompt is compatible with platform broker flow");
|
|
19881
20278
|
break;
|
|
19882
20279
|
default:
|
|
@@ -20409,6 +20806,7 @@ class CustomAuthStandardController extends StandardController {
|
|
|
20409
20806
|
this.resetPasswordClient =
|
|
20410
20807
|
interactionClientFactory.create(ResetPasswordClient);
|
|
20411
20808
|
this.jitClient = interactionClientFactory.create(JitClient);
|
|
20809
|
+
this.mfaClient = interactionClientFactory.create(MfaClient);
|
|
20412
20810
|
this.cacheClient = interactionClientFactory.create(CustomAuthSilentCacheClient);
|
|
20413
20811
|
}
|
|
20414
20812
|
/*
|
|
@@ -20468,6 +20866,7 @@ class CustomAuthStandardController extends StandardController {
|
|
|
20468
20866
|
signInClient: this.signInClient,
|
|
20469
20867
|
cacheClient: this.cacheClient,
|
|
20470
20868
|
jitClient: this.jitClient,
|
|
20869
|
+
mfaClient: this.mfaClient,
|
|
20471
20870
|
username: signInInputs.username,
|
|
20472
20871
|
codeLength: startResult.codeLength,
|
|
20473
20872
|
scopes: signInInputs.scopes ?? [],
|
|
@@ -20487,6 +20886,7 @@ class CustomAuthStandardController extends StandardController {
|
|
|
20487
20886
|
signInClient: this.signInClient,
|
|
20488
20887
|
cacheClient: this.cacheClient,
|
|
20489
20888
|
jitClient: this.jitClient,
|
|
20889
|
+
mfaClient: this.mfaClient,
|
|
20490
20890
|
username: signInInputs.username,
|
|
20491
20891
|
scopes: signInInputs.scopes ?? [],
|
|
20492
20892
|
claims: signInInputs.claims,
|
|
@@ -20527,6 +20927,21 @@ class CustomAuthStandardController extends StandardController {
|
|
|
20527
20927
|
claims: signInInputs.claims,
|
|
20528
20928
|
}));
|
|
20529
20929
|
}
|
|
20930
|
+
else if (submitPasswordResult.type ===
|
|
20931
|
+
SIGN_IN_MFA_REQUIRED_RESULT_TYPE) {
|
|
20932
|
+
// MFA is required - create MfaAwaitingState
|
|
20933
|
+
this.logger.verbose("MFA required for sign-in.", correlationId);
|
|
20934
|
+
return new SignInResult(new MfaAwaitingState({
|
|
20935
|
+
correlationId: correlationId,
|
|
20936
|
+
continuationToken: submitPasswordResult.continuationToken,
|
|
20937
|
+
logger: this.logger,
|
|
20938
|
+
config: this.customAuthConfig,
|
|
20939
|
+
mfaClient: this.mfaClient,
|
|
20940
|
+
cacheClient: this.cacheClient,
|
|
20941
|
+
scopes: signInInputs.scopes ?? [],
|
|
20942
|
+
authMethods: submitPasswordResult.authMethods ?? [],
|
|
20943
|
+
}));
|
|
20944
|
+
}
|
|
20530
20945
|
else {
|
|
20531
20946
|
// Unexpected result type
|
|
20532
20947
|
const result = submitPasswordResult;
|
|
@@ -20579,6 +20994,7 @@ class CustomAuthStandardController extends StandardController {
|
|
|
20579
20994
|
signUpClient: this.signUpClient,
|
|
20580
20995
|
cacheClient: this.cacheClient,
|
|
20581
20996
|
jitClient: this.jitClient,
|
|
20997
|
+
mfaClient: this.mfaClient,
|
|
20582
20998
|
username: signUpInputs.username,
|
|
20583
20999
|
codeLength: startResult.codeLength,
|
|
20584
21000
|
codeResendInterval: startResult.interval,
|
|
@@ -20596,6 +21012,7 @@ class CustomAuthStandardController extends StandardController {
|
|
|
20596
21012
|
signUpClient: this.signUpClient,
|
|
20597
21013
|
cacheClient: this.cacheClient,
|
|
20598
21014
|
jitClient: this.jitClient,
|
|
21015
|
+
mfaClient: this.mfaClient,
|
|
20599
21016
|
username: signUpInputs.username,
|
|
20600
21017
|
}));
|
|
20601
21018
|
}
|
|
@@ -20635,6 +21052,7 @@ class CustomAuthStandardController extends StandardController {
|
|
|
20635
21052
|
resetPasswordClient: this.resetPasswordClient,
|
|
20636
21053
|
cacheClient: this.cacheClient,
|
|
20637
21054
|
jitClient: this.jitClient,
|
|
21055
|
+
mfaClient: this.mfaClient,
|
|
20638
21056
|
username: resetPasswordInputs.username,
|
|
20639
21057
|
codeLength: startResult.codeLength,
|
|
20640
21058
|
}));
|
|
@@ -21541,6 +21959,14 @@ exports.HttpError = HttpError;
|
|
|
21541
21959
|
exports.InvalidArgumentError = InvalidArgumentError;
|
|
21542
21960
|
exports.InvalidConfigurationError = InvalidConfigurationError;
|
|
21543
21961
|
exports.MethodNotImplementedError = MethodNotImplementedError;
|
|
21962
|
+
exports.MfaAwaitingState = MfaAwaitingState;
|
|
21963
|
+
exports.MfaCompletedState = MfaCompletedState;
|
|
21964
|
+
exports.MfaFailedState = MfaFailedState;
|
|
21965
|
+
exports.MfaRequestChallengeError = MfaRequestChallengeError;
|
|
21966
|
+
exports.MfaRequestChallengeResult = MfaRequestChallengeResult;
|
|
21967
|
+
exports.MfaSubmitChallengeError = MfaSubmitChallengeError;
|
|
21968
|
+
exports.MfaSubmitChallengeResult = MfaSubmitChallengeResult;
|
|
21969
|
+
exports.MfaVerificationRequiredState = MfaVerificationRequiredState;
|
|
21544
21970
|
exports.MsalCustomAuthError = MsalCustomAuthError;
|
|
21545
21971
|
exports.NoCachedAccountFoundError = NoCachedAccountFoundError;
|
|
21546
21972
|
exports.ParsedUrlError = ParsedUrlError;
|